Programme @ IDM

Conference Chair – Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

The past couple of years have seen some of the most daring and costly breaches in data history, with many of these being identity and credential based. How well IDM professionals understand the implications and respond with effective IAM solutions will determine the degree of their organisation’s resilience. The keynote will provide the backdrop for the major trends and the new advances IDM professionals need to adopt, including:

• Revamping identity management to include machine identities;
• Integrating identity governance and PAM into hybrid/multicloud environments;
• Zero trust as a driver for continuous ID verification & effective entitlement management.

Paul Squires, Lead Identity Strategist, SailPoint

Identity Governance and Administration (IGA) is a critical component of any organisation’s cybersecurity strategy. But we know that some identity programmes in the past have failed to reach their expected destination, with failures and abandonment, then others not delivering the true value expected. In this session we’ll look at;

• how to avoid some of the pitfalls and challenges that can set you off course,
• why choosing a good navigator with the right experience and focus on the right goals can make all the difference.
• when a well-founded IGA programme, delivered efficiently, can increased value and help you progress to a greater level of maturity.

Steven Furnell, Professor of Cyber Security, University of Nottingham

User authentication represents the frontline face of cyber security for millions of users and despite various alternatives and enhancements, continues to be dominated by passwords. At the same time, passwords continue to be used badly and the blame is commonly laid at users for failing to follow good practice. However, there is also a clear argument that some responsibility rests with the sites and services that are requiring passwords to be used. Drawing from a recent assessment of the password guidance and enforcement on leading websites, the presentation examines the extent to which users are being offered support or left to fail.

Specific themes of the discussion include:

– Whether users are being guided to understand good practice
– Whether such good practice is enforced when passwords are chosen
– How the situation has changed over the years
– The implications in the wider cyber security context

Máté Barany, Account Executive, Ping Identity

As the number of digital touchpoints in the customer journey rises, IT teams are relying on customer identity to optimize security and user experience. But, ensuring one doesn’t overshadow the other often requires multiple integrations and custom development that add internal friction and slows down innovation.

Join this session to see how you can use identity orchestration to eliminate roadblocks and increase cross-functional collaboration to get seamless, secure customer experiences to market faster. You’ll learn how Ping’s approach to building, testing and optimizing secure digital journeys using an intuitive drag-and-drop interface combined with out-of-the-box integrations can boost IT agility to meet every business requirement.

Manoj Kumar, Director and Global Head of Identity and Access Management, Philip Morris International

Enterprises are driven by social, political, and economic headwinds today that drive them to change and adapt more quickly to disruptive developments. Mergers, de-mergers, acquisitions, integrations, and spin-offs are the order of the day, as enterprises adapt to new realities. The traditional IT organisation does the heavy lifting in the engine room, encumbered as we usually are with systems that are built for permanence. Identity and Access Management systems fall in this mix and are in fact the front for much of this change. The presentation will cover the following:

• Design considerations that underpin a resilient and modular identity infrastructure
• Identity personas driving the need for “plug and play” Identity infrastructure
• What should REALLY be the difference between the management of a third party and a standard colleague identity?
• The new “North Star” in Identity Governance and how do we get there?

Manoj will be using use a real life case study as a reference.

Mark Lillywhite, Senior Sales Engineer, Delinea

The cyber insurance industry is evolving fast to help your business mitigate risk. Cyber insurance offers a safety net for businesses threatened by the rapid growth of insider cybercrime and external cyber threats, particularly ransomware. While cyber insurance has been a reliable safety net for years – driven by accelerating insider cybercrime and exploding ransomware attacks – things are changing fast. It’s important to understand the dynamics of the rapidly changing market and consider how well your security controls will stand up to an insurance company’s review.

This session will help you answer common questions about cyber insurance and ensure you get all the facts you need.

We will cover:

1. The factors driving the skyrocketing costs of cyber insurance
2. The security controls cyber insurance companies expect you to have
3. Why cyber insurers care about PAM
4. Explore the value of a continuous risk management approach to cyber risk and how it enables cyber insurers to reach their goals

Refreshments Served in the Exhibition Area

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

Alex Santos, Chief Product Officer, CyberIAM
Robert Raynor, Presales Consultant, CyberIAM

In today’s rapidly evolving business environment, the necessity for employing various state-of-the-art technologies from a multitude of vendors is undeniable. However, this approach brings complexity in the management of these technologies. How can a business truly see the overall health of their environment with multiple views?

In this session Alex & Robert talk around CyberIAM’s new platform, ServiceIAM, and how it’s focused on showing what ‘good’ really looks like when it comes to environment health. The session will also speak around the following:

• How to measure, monitor and maintain your environment in a single view using industry leading solutions from BeyondTrust, CyberArk, Microsoft Azure, SailPoint and Ping Identity
• How CyberIAM deliver a platform focusing on best practices and operational risks

Ros Smith, Senior Technologist, Ofcom

The Online Safety Bill was introduced in the UK Parliament on 17 March 2022, and is going through the parliamentary process.  As currently drafted, it will require services which host user-generated content and search engines to have systems and processes for protecting individuals from certain types of harm online and require pornography providers to ensure children are not normally able to encounter pornographic content. Any such service which has significant numbers of UK users, or which is targeted at the UK market will have new duties and must comply with the new law.  Ofcom is due to become the regulator for the Bill and in this talk Ros Smith will:

• Introduce Ofcom and outline its range of responsibility;
• Introduce the Online Safety Bill and the key points;
• Highlight some of the key areas that have a link to Digital Identity;

Chris Butchart, Solutions Engineer BeyondTrust

Join BeyondTrust and learn the how you can break the attack chain and establish a solid foundation for security project success. Chris Butchart, Solutions Engineer will cover:

• Common attack chain entry points
• Practical steps you can take to block entry
• How PAM ensures project success

View seminar sessions

Served in the Exhibition Area

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

Craig Ramsay, Senior Solution Architect, Omada

80% People & Process, 20% Technology – that’s the split when looking at good Identity Governance. So, when it comes to modernizing your approach to Identity Governance, it’s more than just picking a new solution to deploy. Join this session with Omada where we will explore the drivers for modernization and share knowledge and experience of successful deployments and migrations of modern IGA – including how to avoid some of the most common pitfalls that identity programs face.

Gbola Gbadamosi, Head of Identity Management, The London School of Economics and Political Science (LSE)

This presentation examines potential Identity and Access Management risks and vulnerabilities that organisations may face as a result of rapid advancements in artificial intelligence (AI). The presentation will also offer strategies and best practices to help mitigate these risks and stay informed about evolving AI threats.

• Publicly available generative AI and Large Language Models (LLMs) can be used by attackers to compromise identity security in several ways.
• The complexity, capability and availability of AIs is increasing at an incredible pace; keeping up with developments in this area is crucial.
• Organisations of all sizes must review and renew IAM policies to ensure they are fit for the future

David Hitchen, Senior Solutions Architect, Semperis

In the aftermath of an identity attack that compromises Active Directory, how can you quickly recover and restore trust in AD? Hear real-world examples that illustrate how you can perform attack forensics without alerting the attacker, build a defence, recover Active Directory, and make AD more resilient to compromise in the future.

Learn the simple steps that your organisation can take to improve your Active Directory security posture and protect AD against today’s widespread cyber threats.

Refreshments served in the Exhibition Area

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

Frank Reboiras, Director of Solutions Engineering, TrustCloud Inc.

The recent pandemic had greatly accelerated the need for remote identity verification world wide. Learn how through a two-minute video call, a biometric analysis, the verification of official ID documents and the proof of life demonstrate in real time if the customer is who they say they are, and if the person verified is the same person who appears on the session.

During this session we will examine how some of the largest banking, online payments and insurance firms can verify the identity of their clients with all the guarantees, remotely, in real time, through a safe and guarded system of intelligent video calls, both automated or assisted.

Via a real life customer success story with one of the world’s largest money transfer services, you will understand how with the use of video technology, the true identity of the customer can be recorded, with simultaneous “layers” of authentication in a single, frictionless process, thanks to the easy and seamless usability with which it is developed for both customer and business.

Join this session to discover how remote identification technology, governed by a powerful orchestration layer, can help to achieve effective, regulatory compliant and secure customer identification.

Amardeep Ginday, Identity & Access Management Lead, Vanquis Bank

Amardeep will be speaking from personal experience on weak IAM functions within businesses that have not fully invested in IAM (or at all) until there is a breach.

He attends various Identity Conferences and will be giving feedback on IAM trends shaping the future of security.

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

Delegates Depart