Programme @

MIM Europe Confex 2022

Machine Identity Management Europe Confex

8 February 2022

London

Programme @ MIM Europe Confex 2022

Session One

strategy & governance

09:15 (BST)

Conference Chair's Opening Address

09:20 (BST)

Manage and protect your machine identities: does your business have a MIM security strategy?

Phil Demetriou
President, UCL Technology Society
view profile

Phil Demetriou, President, UCL Technology Society

In our opening address, we explore today’s machine identity-driven enterprise industry, why it is growing twice as fast as human identities on organisational networks, their rapidly increasing productive presence in the form of RPA, roboticization, and IoT, and why more than 50% of businesses find it so challenging to protect against bad actors.

09:40 (BST)

Secure and govern your non-human identities

A growing concern for MIM and IAM practitioners is the extent to which an unknowable number of bots, physical robots, and IoT devices are connected to their networks.

Of equal concern is the extent to which these devices store or interact with critical data.

We address how to:

Boost productivity without adding to operational challenges
Streamline discovery, lifecycle, management, and compliance requirements
Reduce your threat surface
Establish an effective strategy to manage and govern advanced, non-human identity types

09:55 (BST)

Why machine identities matter: MI’s as your networks weakest link

Kumud Dubey
Senior ASIC Verification Engineer, Boeing
view profile

Kumud Dubey, Senior ASIC Verification Engineer, Boeing

Machine identity attacks grew 400% between 2018 and 2019, increasing by over 700% between 2014 and 2019.

Kumud Dubey, Senior ASIC Verification Engineer, Boeing

The primary method of attack is through the production of malware which is specifically designed to compromise the already vulnerable MI attack surface.

With this type of malware has witnessed a 300% growth in the last year 5 years, it is clear there needs to be a priority shift in what the industry regards as an integral part of its suite of defence capabilities.

We address:

  • Why 81% of businesses have to deal with malicious bots
  • One in four have suffered significant financial loss as a result
  • The lack of visibility as to the number of bots and
  • machines operating within the enterprise network
  • The role of threat actors in creating hundreds of malicious bots

10:10 (BST)

Panel Discussion & Audience Q&A

10:30 (BST)

Networking Break

Session Two

integration and orchestration

10:50 (BST)

How to strengthen business-wide machine security

The more challenging a machine threat surface is to protect, the more resources that have to be directed towards providing an adequate defence.

By taking a least privilege access approach to managing machines, your business will provide itself with the best chance of securing the integrity of its machine identity interoperability.

We address, how a Zero-Trust approach factors in the inadequacy of legacy approaches to endpoint governance and security, the complexity of inter-machine relationships, and the rate at which they are evolving.

11:05 (BST)

Limited visibility concerns: managing shorter certificate lifespans

Despite the increase in enterprise facilitation of machine identities to drive productivity and interoperability, many still depend on an array of CA provider tools, spreadsheets, and in-house built solutions to manage digital certificates.

In reality, a dedicated certificate lifecycle management solution, which has automation baked into it, would provide the necessary platform through which to verify key machine identifiers.

We address, the limitations of manual processes, how they are prone to error, and why automation is the key to handling the lifecycle of certificates, from servicing requests to issuance and installation, and eventually revocation or renewal.

11:20 (BST)

How to implement a modern approach to PIM management

96% of companies agree that the effective protection of machine and human identities is critical to the long-term security and viability of their organisations.

Despite this, 80% struggle to realise the value of vital machine identity protection capabilities, where to source them, and how to implement.

We address how a modern PIM solution can:

  • Improve tracking of machine identities
  • Automation of comprehensive MI discovery
  • Enhanced cryptographic security event response times
  • Effective replacement of vulnerable certificates and identities

11:50 (BST)

Panel Discussion & Audience Q&A

Session Three

productivity & capacity

12:10 (BST)

The great migration: machine identity management for the extended enterprise

2020 was the year in which the great migration to remote working extended the enterprise environment from a globally dispersed and yet largely fixed set of locations and connections to one which in human and machine identity-driven interactions took on a decidedly anarchic disposition.

We address, how accelerated digital transformation has created unprecedented vulnerabilities, why machine and human identity is the security battleground, the criticality of just-in-time AI-driven context-based grant authorisation, and what you can do to ensure workforce productivity isn’t compromised by threat spread.

12:25 (BST)

Unite the tribes: MIM + DevSecOps = digital business enabler

By uniting your DevOps and IAM/MIM teams you can simplify the process of securing non-human identities across DevOps pipelines.

Join us as we map out how you can maintain security at the speed of innovation by protecting application code within the digital supply chain, support business agility and provide a friction-free experience for developers.

We address how to:

  • Keep application and automation tools secure
  • Give applications access to the credentials they need
  • Reduce the burden on developers whilst strengthening agility and security

12:40 (BST)

Full visibility of machine identities across your clouds and clusters

Full visibility of your machine identities provides both your operations and security teams with the best opportunity to deliver on their need for top-tier platform automation, which aligns with best-practice security.

We address, how you can give platform leads the confidence to scale-up infrastructure with full automation which is integrated with the necessary enterprise security standards.

  • Deliver comprehensive protection for machine identities
  • Solve real-world challenges when scaling with Kubernetes and OpenShift
  • Ensure certificates continue to interoperate securely with automation
  • Identify and mitigate operational or security risk
  • Provide an interface of all machine identity configurations

12:55 (BST)

Questions to the Panel of Speakers and Delegates move to the Seminar Rooms

13:10 (BST)

Seminar Sessions

Session Four

safe ways of working

15:30 (BST)

Eliminate certificates outages: by all means necessary

Stopping certificate-related outages is critical to business continuity, security, and customer relations.

As the number of machine identities increases, your ability to assess the progress, and increase the adoption, of a secure, reliable and robust outage prevention safety net will become an even greater security imperative.

We cover the main pain points of certificate-related outages, what you need to do when sites, services, and applications fail, and how to avoid production-intensive, costly, and business-viability challenges.

15:45 (BST)

Machine-to-machine communication: who else is listening?

Enterprise security frameworks for machine-to-machine devices and networks is in serious need of an industry-wide upgrade.

This is a reality that has only been reinforced by infamous examples of successful cyber hacks such as Stuxnet, which continues to target Iranian nuclear facilities, to the 2017 hack of the US electricity grid in which a multi-stage intrusion campaign secured remote access to highly sensitive energy sector networks.

We address:

  • Secure and monitor your entire suite of machine identities
  • Understand machine-to-machine communication risk
  • Control your internal and external data flow
  • Prevent hostile actors from drilling and pivoting within your network
  • Provide quick, secure access to keys and certificates

16:00 (BST)

AIOps as the new enterprise perimeter

The COVID-19 pandemic has obliterated the traditional firewall model of security. With each new technology, from cloud migration to DevOps processes, the concept of the network perimeter has truly disintegrated.

By deploying AIOps you can better manage the transition from legacy to integrated log monitoring systems which can capture, analyse, and report anomalous activity across your network, regardless of situational spread.

Join us as we explore how to:

  • Identify machine endpoint and configuration anomalies in real-time
  • Contribute to business continuity
  • Troubleshoot infrastructure problems with advanced monitoring and observability capabilities

16:15 (BST)

Questions to the Panel of Speakers

16:30 (BST)

Closing Remarks from the Conference Chair

16:35 (BST)

Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.