Programme @

IDM uk

Identity Management

9 November 2021

Brought to you by Whitehall Media

Programme @ IDM uk

Session One

the people, principles and processes which make up a successful IAM enterprise

  • How to become a better communicator: collaboration is key
  • Starting an IAM programme: how to succeed in project management
  • Accounting for the privacy-personalisation conundrum
  • Scoring your IAM maturity against your business needs
  • Understanding the value of PAM: protecting every privilege in every setting
  • IAM for the people! How to govern in the digital age

09:15

Conference Chair's Opening Address

09:25

How to become a better communicator: collaboration is key

A significant issue for IAM leaders is effectively communicating security concerns and establishing sustainable lines of communication.

In place of clear, accessible, and business-relevant information, cybersecurity professionals often fall back on terminologies that fail to align with business goals situated outside of the IT function.

We address, the benefits of communication, the consequences of miscommunication, and how to bring together IAM practitioners and other business elements.

09:40

Quo Vadis Identity Management? We are moving into the cloud and abandoning data centres - now what?

Stefan Bosnjakovic
External IAG architect, Hilti AG
view profile

Stefan Bosnjakovic, External IAG architect, Hilti AG

Many big international enterprises are moving into the cloud and shutting down their traditional data centres to reduce complexity and get rid of expensive international MPLS lines – and so is Hilti.

This poses a big problem for companies as cloud services like Microsoft Azure/Office365 or Amazon AWS cover pretty much basic IT needs, but IAM vendors do not/cannot keep up with the rest of the industry and IAG vendors even more so.

Most of the established vendors also offer cloud/SaaS/IaaS solutions, but these are quite stripped down compared to their on-prem counterparts and pure IaaS solutions customizability.

So, vendors are not there yet, but customers are. consequently, we need temporary solutions to allow a smooth transition.

I try to describe a possible way forward in this presentation.

10:00

Biometrics - A revolution in waiting

Steve Furnell
Professor of Cyber Security, University of Nottingham
view profile

Steve Furnell, Professor of Cyber Security, University of Nottingham

For many years, biometrics held a steady position as the ‘next big thing’ in user authentication. However, the last decade has seen them become commonplace technologies, particularly due to their increasingly standard integration into mobile devices.

Despite this, however, passwords still remain the dominant form of user authentication in more general activity. Have biometrics failed to fully deliver on their promise, or is the real revolution yet to come?

This presentation will examine these issues, with attention toward:

• the desirability of biometric authentication for both end-user and enterprise usability
• the uptake and impact of biometrics to date
• underlying differences in current deployments
• future potential within our device ecosystem

10:15

Questions to the Panel of Speakers

10:30

Networking Break

Session Two

10:45

Introduction to session two

10:50

5 Trends in CIAM to watch

Jamie Hughes
CIAM Product Manager, Beyond Identity
view profile

Jamie Hughes, CIAM Product Manager, Beyond Identity

  • Customer experience has been identified as the top competitive differentiator across all industries, if customers reject transactions because of forgotten passwords you can be losing revenue
  • 57% of consumers polled have identified a passwordless process as being preferred
  • 35% of respondents polled said they have experienced difficulties with multi-factor authentication when a second device was required and that this made them cancel their transaction
  • Beyond Identity can proceed a seamless, frictionless and secure passwordless MFA experience

11:05

Why machine identities matter: MI’s as your networks weakest link

Kumud Dubey
Senior ASIC Verification Engineer, Boeing
view profile

Kumud Dubey, Senior ASIC Verification Engineer, Boeing

Machine identity attacks grew 400% between 2018 and 2019, increasing by over 700% between 2014 and 2019.
The primary method of attack is through the production of malware which is specifically designed to compromise the already vulnerable MI attack surface.
With this type of malware has witnessed a 300% growth in the last year 5 years, it is clear there needs to be a priority shift in what the industry regards as an integral part of its suite of defence capabilities.

We address:

• Why 81% of businesses have to deal with malicious bots
• One in four have suffered significant financial loss as a result
• The lack of visibility as to the number of bots and machines operating within the enterprise network
• The role of threat actors in creating hundreds of malicious bots

11:20

IAM for the people! How to govern in the digital age

As the IAM market continues to evolve at a rapid rate, extra demands are being placed on IAM governance models lacking in sustainability.

The driving force behind the need to amend existing IAM governance frameworks  is increased demand for cloud enabled IGA solutions, a quicker time to value expectation and enterprise migration away from on-prem software to the cloud.

We address, how SaaS delivered IGA can automate processes and reports which deliver on your governance and compliance needs and respond in real time to protocol violations with built-in automated workflow management.

11:35

Questions to the Panel of Speakers

11:50

Networking break

Session Three

  • Mapping your customer base: architecting an identity graph
  • Supporting your mobile workforce: mobile identity platforms
  • Password-less authentication: achieving the required distribution
  • Make privacy matter: adopting an always-on approach
  • Adopting a hierarchical order of system control: ABAC and RBAC
  • Accelerate the adoption of a decentralised identity platform

12:05

Introduction to session three

12:10

Mapping your customer base: architecting an identity graph

One of the ways in which businesses can better manage customer identity and access demands and consolidate their identifiers is with the deployment of an architected data warehouse which takes account of the many points of contact that customer digital identities have within the enterprise network and the digital prints they leave behind.

We address:

  • Deploying an identity graph
  • Identity as a multi-faceted asset
  • Privacy-compliant identification
  • Creating greater linkage between business and customers
  • Establishing a universal ID

12:25

Supporting your mobile workforce: mobile identity platforms

2020 was the year in which mobile working became much more established for businesses, with many now having chosen to either keep the majority of its workforce remote or to move away from the office entirely.

This development, for all its positives, has also made the job of IAM leaders more difficult as the enterprise ecosystem has taken on a more complex, varied, and layered outlook.

We address:

  • Identifying users and devices in a mobile landscape
  • Convergence of mobility management and IAM technologies
  • Implications of this ‘new normal’ for the digital workplace

12:40

Password-less authentication: achieving the required distribution

Passwords are increasingly faced with either becoming a component of an MFA strategy or being eliminated from the IAM process entirely.

The driving force behind the effort to create a truly passwordless platform is to improve user and customer experience, add security layers and address the fact that users have still not improved how we manage our password portfolios.

We address, how to adopt a universal approach to passwordless authentication, better manage the technology constraints you will encounter, and understand what the best model for your business is in order to derive the most value.

12:55

Questions to the Panel of Speakers

13:10

Networking Lunch and Refreshments served in the Exhibition Area

Session Four

13:45

Seminars A - C

14:30

Networking Break

Session Five

14:45

Seminars D - F

15:30

Networking Break

Session Six

15:45

Introduction to session six

15:50

Make privacy matter: adopting an always-on approach

Organisations like Cambridge Analytica once boasted of their capability to mine, link, and exploit the data of billions of Facebook users in the service of a premium customer with devious motivations. Today, with public knowledge of this type of exploitation growing, customers are demanding businesses limit the possibility of their digital identities being subject to misuse.

We address:

  • Implementing a zero-trust approach to IT security
  • Adopting a CARTA strategic approach to security and risk
  • Continuous security assessments
  • Prevent internal fraud from insider threats
  • Achieve a more private space for customer interaction

16:05

Adopting a hierarchical order of system control: ABAC and RBAC

As authorisation architecture evolves at an impressive rate in response to the trend towards greater digitisation of workloads in hybrid IT environments, IAM leaders are having to design and orchestrate greater linkage between their RBAC and ABAC hierarchy.

We address, how to create a dynamic authorisation environment which will support the ever-expanding need to facilitate fine grain access.

16:20

Accelerate the adoption of a decentralised identity platform

Megha Rastogi
Lead Product Manager, Machine Learning & Identity Access Management, SurveyMonkey
view profile

Megha Rastogi, Lead Product Manager, Machine Learning & Identity Access Management, SurveyMonkey

Our online identity is, in many respects, a multi-dimensional entity that is stored across a myriad of platforms. Where exactly our digital personas are stored is for most of us a mystery.

Not knowing where our identity is and who has access to it makes our data highly vulnerable as hackers are constantly on the hunt for honey pots to exploit personal information.

We address:

  • The vulnerabilities of aggregated online systems
  • Rethinking how identity solutions interact with one another
  • Embedding digital identities in modern transactions
  • Removing identity mediators
  • Moving control points to the edge of the network
  • Blockchain identity as a trust enabler

16:35

Questions to the Panel of Speakers

16:50

Closing Remarks from the Conference Chair

17:00

Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Six Questions Secret Server Answers in the Latest Updates
Written by Barbara Hoffman You asked and we answered. We’ve been listening to questions Secret Server customers ask and working hard to make the industry’s top PAM solution even better. We’re excited to share a batch of updates to Secret Server that address your top concerns. 1. Is it possible to get rid of secrets and related data...
Digital Consultation for Identity Launch
The UK government has launched a consultation towards its latest plans for digital identity. The Department for Digital, Culture, Media and Sport (DCMS) aims to gather viewpoints from interested parties towards proposals of making digital identities trusted and secure like official documents. Establishing the Trust Mark Following on from the publication of a draft digital...
Homeland Security Adds Ping Identity
Two of Ping Identity’s solutions have been added to the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL). Confidence in Vetting Highlighted in the Executive Order on Improving the Nation’s Cybersecurity, the program presents resources that provide agencies with the ability to select vetted technology at a more confident...