Programme @

IDM

Identity Management

18 June 2024

Victoria Park Plaza Hotel, London

Programme @ IDM

Morning Session

How to implement your IAM strategy, embed across the business and bring your customers with you

  • Panel: Where Digital Identity Meets CIAM
  • Migrating from Legacy to Modern IGA
  • Strategy of Enterprise-Wide Security Transformation
  • Securing Identities at Every Interaction: The importance of Uniting GRC and IGA
  • The Power of Identity – The Art of the Possible
  • Privileged Access – A Journey From Little to Least (In a Complex IT Environment)
  • Paths to Privilege: Why Kevin Bacon is One of the Biggest Problems in Cyber

08:00 (BST)

Registration and Exhibition Opens

Attendees can collect their badges and refreshments are served in the exhibition area

09:00 (BST)

Welcome from the Conference Chair

Andrew Briercliffe
Head of Child Safety Online, Protection Group International
view profile

Andrew Briercliffe,

09:10 (BST)

Panel: Where Digital Identity Meets CIAM

Tony Allen
Executive Director, Age Check Certification Scheme
view profile
Gareth Narinesingh
Identity Development Director, Open Identity Exchange
view profile

Tony Allen, Executive Director, Age Check Certification Scheme
Gareth Narinesingh, Identity Development Director, Open Identity Exchange

In today’s interconnected digital landscape, managing identity is paramount. As organizations embrace digital transformation, they encounter the convergence of digital identity and Customer Identity and Access Management (CIAM). This session explores the critical intersection where user privacy, security, and seamless experiences intersect. Join us to delve into strategies, best practices, and emerging trends in safeguarding digital identities while enhancing user engagement.

 

09:40 (BST)

Migrating from Legacy to Modern IGA

Paul Walker
Field Strategist, Omada
view profile

Paul Walker, Field Strategist, Omada

Join this session together with Omada’s Field Strategist, Paul Walker, who will walk you through the migration from a legacy identity system to modern IGA. The following key topics that will be covered are:

  • The challenges of legacy identity systems.
  • The benefits of a modern IGA solution – and what does it include?
  • The steps towards deploying a modern IGA solution explained through real-life customer cases.

09:55 (BST)

Strategy of Enterprise-Wide Security Transformation

Mikolaj Maciejak
VP/Executive Director, Core IAM Services, Leading International Investment Bank
view profile

Mikolaj Maciejak, VP/Executive Director, Core IAM Services, Leading International Investment Bank

  • What is an enterprise-wide transformation:
    A change in the logic of shared services, infrastructure, or application architecture, has a significant impact on the existing landscape and potential to disrupt the target systems. These transformations often happen as mandatory items e.g. as a result of regulatory changes, risks or vulnerabilities identified, or due to the purchase/roll-out of new shared products. These transformations often do not contribute directly to business goals, e.g. releasing new business logic, increasing the number of target application users, etc.
  • Understand why the transformation is needed.
  • Understand the landscape and define the scope.
  • Propose a strategy.
  • Perform initial adoptions, collect feedback, and draw conclusions.
  • Complete documentation and automation.
  • Define realistic goals and estimate the cost.
  • Execute and keep collecting feedback.

 

10:15 (BST)

Navigating Identity Evolution: From Past to Future

Mo Joueid
Advisory Solutions, SailPoint
view profile

Mo Joueid, Advisory Solutions Consultant, SailPoint

To envision the future, one must first grasp the past. The transition from rudimentary IDM to today’s Identity Security embodies a pivotal shift towards a comprehensive and proactive stance in safeguarding digital identities amidst escalating threats. Reflecting on this journey offers invaluable insights into our present circumstances, the path that led us here, and the trajectory we must pursue. Join us in this session as we explore this evolutionary journey, elucidate existing challenges, and anticipate the unfolding landscape of Identity in the days to come.

10:30 (BST)

Securing Identities at Every Interaction: The importance of Uniting GRC and IGA

Darren Mawhinney
Regional Field Sales Director – International, Delinea
view profile

Darren Mawhinney, Regional Field Sales Director – International, Delinea

In today’s digital landscape, securing identities at every interaction is paramount. Governance, Risk, and Compliance (GRC) and Identity Governance and Administration (IGA) are two critical frameworks that, when combined, create a robust defense against identity-related threats. This session will explore the synergy between GRC and IGA, demonstrating how their integration not only strengthens security but also ensures compliance and operational efficiency. Join us to learn from experts how Delinea’s innovative solutions can help your organization protect identities, mitigate risks, and achieve seamless compliance.

Key Takeaways:

    • Discover how integrating GRC and IGA frameworks can ensure both security and regulatory compliance across all identity interactions.
    • Learn effective strategies to identify, assess, and manage risks associated with identity governance.
    • Understand how the alignment of GRC and IGA can streamline processes, reduce administrative burdens, and improve overall efficiency in identity management.

10:45 (BST)

Questions to the Panel of Speakers

11:00 (BST)

Networking in the Exhibition Area

Refreshments Served in the Exhibition Area

11:25 (BST)

Welcome to Session Two

Andrew Briercliffe
Head of Child Safety Online, Protection Group International
view profile

Andrew Briercliffe,

11:30 (BST)

The Power of Identity – The Art of the Possible

Jason Goode
VP, Southern & Western Europe, iC Consult
view profile

Jason Goode, VP, Southern & Western Europe, iC Consult

The presentation will explore the evolving landscape of authentication technologies by examining the future of traditional passwords in “Passwordless – Fact or Fiction?” This examination will be supported by a compelling case study. It will then look into “In-car Identity – How Does That Work?” to analyze secure and personalized identity verification within vehicles. Additionally, let’s delve into “Customer Identity at Scale,” showcasing successful strategies across industries for managing customer identities efficiently and securely. These insights will highlight how innovations, once considered science fiction, are now shaping daily life, demonstrating the transformative impact of technological advancements on identity management and authentication.

11:45 (BST)

Privileged Access - A Journey From Little to Least (In a Complex IT Environment)

Peter Crumpton
Information Security Assurance Manager, NFU Mutual
view profile

Peter Crumpton, Information Security Assurance Manager, NFU Mutual

Privileged Access Management is a cornerstone of security, as permissive access is just what the cybercriminals are looking to gain and exploit, or what can accidentally be misused and cause significant damage.

This case study will take you through the organisations journey from recognising the exposure and risk associated, to defining a target operating model, gaining funding and implementing improvements to move closer to the goal of least privilege and zero trust. Like most companies, there is a mix of on-premise and cloud SAAS, PAAS, IAAS, with new and legacy technology, so the answers are not uniform.

  • Case study into the journey of recognising a gap in control and the risk it presents and programmes of work to reduce this.
  • Identification of the lessons learned from implementing planning and improvements.
  • How we dealt with the mixture of technology and legacy products.

12:00 (BST)

Paths to Privilege: Why Kevin Bacon is One of the Biggest Problems in Cyber

James Maude
Field Chief Technology Officer, BeyondTrust
view profile

James Maude, Field Chief Technology Officer, BeyondTrust

Feeling uncertain about the security of your identities, privileges, and hidden threats? You’re not alone. Attackers exploit the complexity of modern IT, using forgotten accounts and mismanaged privilege to wreak havoc. Every component of your identity infrastructure can be a potential vulnerability. Join James Maude, Director of Research, as he introduces the concept of Paths to Privilege and how they are a critical step in any Identity and security planning.

12:15 (BST)

Questions to the Panel of Speakers & Delegates move to the Seminar Rooms

12:30 (BST)

Seminar Sessions

13:15 (BST)

Networking Lunch

Served in the Exhibition Area

Afternoon Session

Understanding your IAM ecosystem, mapping its landscape and understanding what the future holds

  • Beyond The Door: Who Owns IAM?
  • How to Recover Active Directory When Every Second Counts
  • Secure Smarter, Not Harder: AI-Powered Identity Protection
  • Stakeholder Buy-In: A Guide to Successful Application Onboarding
  • How Knowledge of the Human Brain Can Help You to Succeed With Your IAM Programs
  • Continuous Authentication of Internet of Things Devices

14:00 (BST)

Conference Chair’s Afternoon Address

Andrew Briercliffe
Head of Child Safety Online, Protection Group International
view profile

Andrew Briercliffe,

14:05 (BST)

Beyond The Door: Who Owns IAM?

Arijit Banerjee
IGA Platform – Product Owner, bp
view profile

Arijit Banerjee, IGA Platform – Product Owner, bp
Amit Kakad, Entitlement & Authorizations – Principal Platform Engineer, bp

  • A journey from past to present – how is IAM evolving in bp?
    bp has started the journey of moving from a technology to a product mindset. We found the emergent need is because we are more conscious of the overwhelming load of the team due to the scale and velocity we operate and innovate, and are thus making choices and decisions that are shaping how we work in this space. This is also because we are focused on the customer outcome and their experience of using IAM in the wider scale of business and how that underpins the digital strategy of our business.

 

  • IAM in the next days – thoughts for the future
    Traditionally IAM has always belonged to very specific domains in the enterprise which are very isolated and feedback poorly. These domains are mostly around regulatory domains, privacy, and digital security. We tend to box IAM within these domains, but these are typical non-functional domains in a value stream, so the concept of identity as security is not very holistic in approach. It is definitely impacting and contributing towards overall security. But IAM is much bigger.

14:20 (BST)

How to Recover Active Directory When Every Second Counts

David Hitchen
Senior Solutions Engineer, Semperis
view profile

David Hitchen, Senior Solutions Engineer, Semperis

Active Directory (AD) is the core identity system for most organisations, making it a key cyberattack target. The speed of AD recovery determines the speed of operational recovery after an attack, so every second counts. Yet AD recovery is notoriously complicated and time consuming. And hybrid AD environments—combining on-premises AD plus Entra ID in the cloud—present additional complications.

14:35 (BST)

Secure Smarter, Not Harder: AI-Powered Identity Protection

Paul Heaney
CTO, ProofID
view profile
Rob Otto
EMEA Field CTO, Ping Identity
view profile

Paul Heaney, CTO, ProofID
Rob Otto, EMEA Field CTO, Ping Identity

While traditional MFA is an effective means for reinforcing the use of passwords, it is not enough anymore to stop modern attacks. Robust identity solutions like Ping Identity, delivered by ProofID, are essential for safeguarding your organisation against today’s sophisticated fraudsters.

Using intelligence-based policies that combine the results of key risk predictors, our Identity platform monitors for unusual behaviour throughout the user journey. By examining data from the user’s device along with network data, we can inspect authentication and registration requests to identify anomalies that indicate an attack attempt.

Join our session to learn how Ping Identity and ProofID can provide you with a modern AI-powered Identity Security Solution.

14:50 (BST)

Questions to the Panel of Speakers

15:05 (BST)

Afternoon Networking Break

Refreshments served in the Exhibition Area

15:30 (BST)

Welcome to the Final Session

Andrew Briercliffe
Head of Child Safety Online, Protection Group International
view profile

Andrew Briercliffe,

15:35 (BST)

Stakeholder Buy-In: A Guide to Successful Application Onboarding

Madeleine Parish
Head of Identity and Access Management, RSA Insurance
view profile

Madeleine Parish, Head of Identity and Access Management, RSA Insurance

Application onboarding to any centralised tool has key dependencies across the business. We’ll discuss options for overcoming blockers, pre-emptive communications, and small changes that can make all the difference, including:

  • Familiarising the business with IAM processes and controls
  • Holding the business and your own teams accountable
  • What’s the worst that can happen and how can we plan to mitigate it?

 

15:50 (BST)

How Knowledge of the Human Brain Can Help You to Succeed With Your IAM Programs

Sarah Aalborg
CISO & Head of IT Governance, Tivoli
view profile

Sarah Aalborg, CISO & Head of IT Governance, Tivoli

Starting right can make the rest easy. Understanding the human brain and using the right approach can take you far when implementing your IAM solution.

This discussion will focus on conquering challenges during IAM rollouts and implementing disciplines such as user and access management. We’ll use basic knowledge of the brain and our subconscious mind, starting with human evolution. 

16:05 (BST)

Continuous Authentication of Internet of Things Devices

Raj Rajarajan
Professor of Security Engineering, Director, Multidisciplinary Centre of Cyber Security for Society (MOBS), School of Science & Technology
view profile

Raj Rajarajan, Professor of Security Engineering, Director, Multidisciplinary Centre of Cyber Security for Society (MOBS), School of Science & Technology

Mobile devices have become a ubiquitous part of modern life. This creates a need for protecting private data stored on devices. Traditional authentication techniques are knowledge-based where a user provides input such as a PIN, password or pattern. However, these have been shown to be vulnerable to smudge attacks and shoulder surfing. The inclusion of sensors in mobile devices has seen biometrics used to authenticate users. Common biometrics used to authenticate include fingerprints and facial recognition. However, these continue to suffer from spoofing attacks. Furthermore, all discussed security mechanisms so far are one-shot authentication approaches; the device does not re-authenticate after it is unlocked. Continuous authentication techniques have been proposed to alleviate issues with current authentication techniques. Such schemes create a biometric profile using sensor data such that future data can then be compared to the user profile to authenticate.

16:20 (BST)

Questions to the Panel of Speakers

16:35 (BST)

Closing Remarks from the Conference Chair

Andrew Briercliffe
Head of Child Safety Online, Protection Group International
view profile

Andrew Briercliffe,

16:45 (BST)

Conference Closes

Delegates Depart

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

IAM: What the World is Saying
If you are a business pulling through the post-pandemic years and harnessing the potential of digital workspaces and marketplaces, identity management and access management are no longer an option – they are a necessity. It is the fundamental protection measure for the company’s digital resources, including networks, applications, and organizational and user data. Without robust...
Why Identity is the Cornerstone of a Zero Trust Architecture
Written by Scott Silver, Xalient  As organisations continue to embrace digital transformation to gain access to the cloud’s many benefits, this means that computing environments are evolving into borderless IT ecosystems. Digital identities are also evolving at pace and identity security is now a crucial aspect of cybersecurity. As we continue to digitally transform organisations,...
Challenges of Adopting Zero Trust
Why adopting a Zero Trust approach is not as straightforward as it might appear Written by Steven Daniëls and David Morimanno, thought leaders at Xalient Group. The world has changed. With the move to hybrid working, the rapid adoption of cloud, increased use of mobile and IoT devices, and more, every organization’s attack surface has...