Programme @

IDM

Identity Management

18 June 2024

Victoria Park Plaza Hotel, London

Programme @ IDM

Morning Session

How to implement your IAM strategy, embed across the business and bring your customers with you

  • Managing External Identities Using a Customer Identity and Access Management (CIAM) Tool
  • Cloud-Based CIAM
  • Defining your CIAM strategy and thus Optimising CIAM for UX, CX and Personalisation
  • Multi-Factor Authentication
  • Artificial Intelligence – Impact and Threats in Identity and Access Management
  • Machine Identity/Learning and Generative AI : How ML and AI Are Changing the Game for IAM
  • How Identity and Access Management Supports a Zero-Trust Environment

09:00 (BST)

Welcome from the Conference Chair

09:15 (BST)

Managing External Identities Using a Customer Identity and Access Management (CIAM) Tool

How – IAM-focused cybersecurity leaders can prioritize CIAM initiatives to focus on customer user experience, high scalability, security and privacy.

  • Enabling the Digital Enterprise with a well defined CIAM strategy
  • How CIAM impacts Customer and UX experience
  • Adaptive MFA – enforcing minimum password requirements (including re-use policies), streamlining the password reset flow, and including MFA, CIAM to tighten down your identity perimeter.

09:30 (BST)

Cloud-Based CIAM

This session will explore:

  • Cloud Adoption: A move towards cloud-based CIAM solutions to leverage scalability, flexibility, and cost-effectiveness.
  • Microservices Architecture: Adoption of microservices architecture for CIAM systems, enabling organizations to develop, deploy, and scale services independently.
  • Accelerated adoption of cloud-based IAM solutions to accommodate remote workforces, support scalability, and provide centralized identity management.

 

09:45 (BST)

Defining your CIAM strategy and thus Optimising CIAM for UX, CX and Personalisation

This session will explore:

  • How Ensuring a frictionless and safe interaction for boosting customer conversions and loyalty help Enterprises navigate the challenge of effectively balancing security and user experience.
  • Multi- Factor Authentication : Taking a CIAM approach to MFA or 2 factor authentication (2FA) to implement secure and customer-centric digital identity management architecture
  • User-Centric Approaches: CIAM systems focusing on providing a seamless and personalized user experience to enhance customer satisfaction.
  • Consent and Privacy Management: How increasing concerns about data privacy, CIAM solutions are now incorporating features to manage user consent and comply with regulations like GDPR.

10:00 (BST)

Multi-Factor Authentication

This session will explore:

  • Adaptive Authentication: Behavioral Analytics: Integration of behavioral analytics to assess user behavior patterns and adjust authentication requirements accordingly.
  • Mobile-based MFA
  • Passwordless Authentication: Elimination of Passwords: Addressing the Growing interest in passwordless authentication methods, including biometrics, mobile-based solutions, and authentication through possession of a device.
  • Zero Trust Security Models: Incorporating continuous authentication measures within a Zero Trust security framework to verify and re-verify user identity throughout the entire session.

10:15 (BST)

Artificial Intelligence – Impact and Threats in Identity and Access Management

This session will explore:

  • Benefits of  IAM systems that are backed by AI Platforms –  Assessing the three major aspects: authentication, identity management and secure access.
  • Digital identities: The solution or the ultimate Trojan horse?
  • With  digital identity proliferation  on the rise and the attack surface  at risk from artificial intelligence (AI) attacks, credential attacks and double extortion – how can an Enterprise reduce the attack surface by limiting the amount of data?

 

 

10:30 (BST)

Machine Identity/Learning and Generative AI : How ML and AI Are Changing the Game for IAM

This session will explore:

  • Artificial intelligence as an identity
  • How Generative AI has become a powerful tool in a long line of advanced analytic techniques that are being used to improve IAM
  • How Advancements in identity analytics and machine learning can reduce risk and streamline multiple identity and access management activities.
  • Case Studies : How advanced analytics can be applied to many IAM use cases.

10:45 (BST)

Questions to the Panel of speakers

11:00 (BST)

Networking in the Exhibition Area

Refreshments Served in the Exhibition Area

11:25 (BST)

Welcome to Session Two

11:30 (BST)

How Identity and Access Management Supports a Zero-Trust Environment

This session will explore:

  • How the recent emphasis on zero-trust security architectures brought IAM to the forefront for many IT teams.
  • Continuous Authentication:: Emphasis on continuous monitoring and adaptive authentication, verifying user identity throughout the entire session based on behavior, context, and risk analysis.
  • Identity Governance and Administration (IGA): IAM systems help manage and govern user identities, ensuring that access rights align with job roles and responsibilities. This reduces the risk of unauthorized access.
  • User Provisioning and Deprovisioning
  • Privileged Access Management (PAM): How IAM can incorporate Privileged Access Management to secure and monitor access to critical systems and data.

11:45 (BST)

The Online Safety Bill: What is it? How is it aiming to make people safer online? What role can IDM play?

The Online Safety Bill was introduced in the UK Parliament on 17 March 2022, and is going through the parliamentary process.  As currently drafted, it will require services which host user-generated content and search engines to have systems and processes for protecting individuals from certain types of harm online and require pornography providers to ensure children are not normally able to encounter pornographic content. Any such service which has significant numbers of UK users, or which is targeted at the UK market will have new duties and must comply with the new law.  Ofcom is due to become the regulator for the Bill and in this discussion we will:

  • Introduce Ofcom and outline its range of responsibility;
  • Introduce the Online Safety Bill and the key points;
  • Highlight some of the key areas that have a link to Digital Identity;

12:00 (BST)

Cyber Security Physics: Breaking the Attack Chain

Join us to learn how you can break the attack chain and establish a solid foundation for security project success. We’ll cover:

  • Common attack chain entry points
  • Practical steps you can take to block entry
  • How PAM ensures project success

12:15 (BST)

Questions to the Panel of Speakers & Delegates move to the Seminar Rooms

12:30 (BST)

Seminar Sessions

13:15 (BST)

Networking Lunch

Served in the Exhibition Area

Afternoon Session

Understanding your IAM ecosystem, mapping its landscape and understanding what the future holds

  • Modernizing Identity Governance: Why Now & How To Get There
  • Keeping your finger on the pulse: Identity Management and the rapidly increasing security risks of AI
  • Stories from the trenches – Identity & Incident Response
  • Managing secure customer identification for the leader in money transfer services
  • 2024 & The Biggest Threats to Your Business

14:00 (BST)

Conference Chair’s Afternoon Address

14:05 (BST)

Privileged Access - A journey from Little to Least (in a complex IT environment)

Peter Crumpton
Information Security Assurance Manager, NFU Mutual
view profile
Peter Crumpton, Information Security Assurance Manager, NFU Mutual

 

Privileged Access Management is a cornerstone of security, as permissive access is just what the cybercriminals are looking to gain and exploit, or what can accidentally be misused and cause significant damage.

This case study will take you through the organisations journey from recognising the exposure and risk associated, to defining a target operating model, gaining funding and implementing improvements to move closer to the goal of least privilege and zero trust. Like most companies, there is a mix of on-premise and cloud SAAS, PAAS, IAAS, with new and legacy technology, so the answers are not uniform.

  • Case study into the journey of recognising a gap in control and the risk it presents and programmes of work to reduce this.
  • Identification of the lessons learned from implementing planning and improvements.
  • How we dealt with the mixture of technology and legacy products.

14:20 (BST)

Keeping your finger on the pulse: Identity Management and the rapidly increasing security risks of AI

This presentation examines potential Identity and Access Management risks and vulnerabilities that organisations may face as a result of rapid advancements in artificial intelligence (AI). The presentation will also offer strategies and best practices to help mitigate these risks and stay informed about evolving AI threats.

  • Publicly available generative AI and Large Language Models (LLMs) can be used by attackers to compromise identity security in several ways.
  • The complexity, capability and availability of AIs is increasing at an incredible pace; keeping up with developments in this area is crucial.
  • Organisations of all sizes must review and renew IAM policies to ensure they are fit for the future

14:35 (BST)

Stories from the trenches - Identity & Incident Response

In the aftermath of an identity attack that compromises Active Directory, how can you quickly recover and restore trust in AD? Hear real-world examples that illustrate how you can perform attack forensics without alerting the attacker, build a defence, recover Active Directory, and make AD more resilient to compromise in the future.

Learn the simple steps that your organisation can take to improve your Active Directory security posture and protect AD against today’s widespread cyber threats.

14:50 (BST)

Questions to the Panel of Speakers

15:05 (BST)

Afternoon Networking Break

Refreshments served in the Exhibition Area

15:30 (BST)

Welcome to the Final Session

15:35 (BST)

Stakeholder Buy-In: A Guide to Successful Application Onboarding

Madeleine Parish
Head of Identity and Access Management, RSA Insurance
view profile

Madeleine Parish, Head of Identity and Access Management, RSA Insurance

Application onboarding to any centralised tool has key dependencies across the business. However, these business teams are usually unfamiliar with IAM processes and tooling, have their own priorities and even if they’re willing to support it, can be an uphill struggle to make progress. We’ll discuss options for overcoming blockers, pre-emptive communications, and small changes that can make all the difference, including:
 

  • Familiarising the business with IAM processes and controls 
  • Holding the business and your team (!) accountable 
  • What’s the worst that can happen 
  • And how can we plan to mitigate it? 

 

15:50 (BST)

2024 & The Biggest Threats to Your Business

We’ll be discussing the most dangerous and emerging threats to UK organizations as well as the solutions that go beyond anti-malware/anti-virus to include endpoint security, vulnerability management, Active Directory monitoring, credential protection, DNS security tools, SIEM, DLP, and encryption.

16:10 (BST)

Questions to the Panel of Speakers

16:25 (BST)

Closing Remarks from the Conference Chair

16:30 (BST)

Conference Closes

Delegates Depart

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Uniting large-scale, complex businesses with PowerSyncPro
Blog by: PowerSyncPro Mergers and acquisitions involving tens – or even hundreds – of thousands of users require complex tenant-to-tenant migrations. Traditionally, those migrations have been fraught with problems. Problems that impact your people, your productivity and your profit. Combining solid preparation with the right software solution can dramatically reduce the pain involved. Enter PowerSyncPro:...
Considering Passwordless? Here’s How to Do It
Blog by: CyberArk When creating a new password, you know the drill – it must be at least eight characters long, contain special characters and avoid sequential characters or be based on dictionary words. Although these requirements can be a pain in the neck and seriously hamper end user experience, they are not a sign...
Analytics and AI: Pioneering the Next Chapter in Identity Security
Blog by: Saviynt Identity proliferation, access sprawl,  over-provisioned access, and reviewer fatigue will continue to grow in your identity ecosystem. In the rapidly evolving landscape of identity security and governance platforms, a few tipping point technologies have emerged. The potential is immense – how do you harness the power? Right start your identity strategy with...