Programme @

MIM Europe Confex 2022

Machine Identity Management Europe

8 February 2022

Brought to you by Whitehall Media

Programme @ MIM Europe Confex 2022

Session One

strategy & governance

09:15 (GMT)

Conference Chair's Opening Address

Dr Gilad Rosner
Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher
view profile

Gilad Rosner, Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

09:30 (GMT)

Evolving power of consumer data

Lauren Walker
Chief Data Officer, 2021 DataIQ Top 100
view profile

Lauren Walker, Chief Data Officer, 2021 DataIQ Top 100

What are the practicalities of delivering on the ambition of customer experience nirvana powered by data? This question can be answered by keeping pace with the change, understanding the platform necessary to win and building the right team to deliver value.

Ultimately those who are thriving in this new global digital economy are those turning data into information, information into insight and insight into a competitive advantage. It requires more than just technology to get there. It is an evolution that requires a change in perspective, new roles and change agents at many levels of your organization.

There are three “truths” to accept as you build your path to success:

1. Recognising and leveraging the platform ecosystem you’ll need in a time of seemingly unlimited technical choice.
2. Using the right lens, how do you and your team view data? How does the rest of the organisation view it?
3. Building the right team

10:00 (GMT)

Rise of Machines: Protecting your Machine Identities

Kevin Bocek
Vice President, Security Strategy & Threat Intelligence, Venafi
view profile

Kevin Bocek, Vice President, Security Strategy & Threat Intelligence, Venafi

The number of machines of all types is on the rise. Every machine requires an identity.

However, compromise, misuse, and fraud of machine identities are prime attack vectors for hackers. Errors create debilitating outages and millions in lost business. That’s why leading analysts are recommending Machine Identity Management as a top security trend.

Attend this session to learn three things your organisation can do to secure Machine Identities.

10:20 (GMT)

Extending Identity and Governance Management Into The Technical Identities Domain Security- and SoD-Aspects

Stefan Bosnjakovic
External IAG Architect, Hilti
view profile

Stefan Bosnjakovic, External IAG Architect, Hilti

Technical users are abundant – and usually a mess – in an enterprise IT framework. Managing these in a consistent way becomes a challenge. A sensible way forward is to migrate technical users to machine identities and manage them via the enterprise IAG framework similar to human identities. Depending on the type or usage of the technical users, the appropriate levels of security, ownership, governance and Segregation-of-Duties have to be applied and adjusted.

10:40 (GMT)

Panel Discussion & Audience Q&A

11:00 (GMT)

Networking Break

Session Two

integration and orchestration

11:15 (GMT)

Welcome to Session Two

Dr Gilad Rosner
Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher
view profile

Gilad Rosner, Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

11:20 (GMT)

Why machine identities matter: MI’s as your networks weakest link

Kumud Dubey
Senior ASIC Verification Engineer, Boeing
view profile

Kumud Dubey, Senior ASIC Verification Engineer, Boeing

Machine identity attacks grew 400% between 2018 and 2019, increasing by over 700% between 2014 and 2019.

The primary method of attack is through the production of malware which is specifically designed to compromise the already vulnerable MI attack surface.

With this type of malware having witnessed a 300% growth in the last year 5 years, it is clear there needs to be a priority shift in what the industry regards as an integral part of its suite of defence capabilities.

We address:

  • Why 81% of businesses have to deal with malicious bots
  • One in four have suffered significant financial loss as a result
  • The lack of visibility as to the number of bots and
  • machines operating within the enterprise network
  • The role of threat actors in creating hundreds of malicious bots

11:40 (GMT)

PKI, Crypto and Machine Identities: Keys to IAM Strategy

Chris Hickman
Chief Security Officer (CSO) Keyfactor
view profile

Chris Hickman, Chief Security Officer, Keyfactor

The IAM practices of long-standing organizations were built for rigid structure and slow, predictable changes. The seismic shift to dynamic workloads, rapid change, agile business, and the like puts tremendous strain on these systems. This is especially true for the massive scale and high velocity of machine identities, which are growing exponentially across organizations.   The role of machine identities in enterprise IAM has reached critical importance – each needing to be managed and protected.

The stakes are high – keeping ahead of PKI challenges like certificate outages, key theft or misuse, and audits are a constant challenge.

Join Chris Hickman, Chief Security Officer at Keyfactor, as he discusses:
-Implications of unmanaged machine identities
-How to build a case for prioritizing PKI and machine identities in your organization
-New strategies and tactics to overcome security risks

12:00 (GMT)

M2M cybersecurity in retail in a post-covid world

Martin Sandren
IAM Business Analyses Manager, Ahold Delhaize
view profile

Martin Sandren, IAM Business Analyses Manager, Ahold Delhaize

The Covid pandemics has affected not only how we work and how we consume but also how we interact as humans. The changes have impacted the retail sector not only by moving business from physical stores to online marketplaces but also the ways that customers are served. A whole new range of tools have been developed to serve the customers and support the supply chain but how do we make sure that the new tools are properly secured?

• What are the challenges with securing the maintenance and monitoring loops and how do you protect the devices from supply chain attacks against the command-and-control layer?
• How do you handle securing legacy systems such as point of sales terminals?
• Can analytics and machine learning help with identifying attacks in the M2M space?

12:20 (GMT)

Questions to the speakers

12:45 (GMT)

Networking Lunch Break

Session Three

productivity & capacity

13:30 (GMT)

Welcome to session three

Dr Gilad Rosner
Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher
view profile

Gilad Rosner, Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

13:35 (GMT)

Reducing the authentication overhead among trusted devices

Steven Furnell
Professor of Cyber Security, University of Nottingham
view profile

Steven Furnell, Professor of Cybersecurity, University of Nottingham

We are increasingly seeing device-to-device communication being used to reduce the authentication overhead for users across their multiple devices. For example, the proximity of a recognised device like a smartwatch can automatically unlock a computer without prompting for the password or biometric that would otherwise be needed. The user consequently benefits from a smoother experience with fewer explicit security interactions.

This presentation examines how we currently see such approaches in practice and then looks at potential future directions into which they may extend as the technology advances.

• The user experience of authentication and repeatedly proving their identity
• Reducing the authentication burden across multiple devices
• The potential for extending such approaches across a wider range of devices
• The desirability of permitting access on a more granular, device-dependent basis

13:55 (GMT)

Visibility, Control and Automation – The three tenets of Machine Identity Management

Peter Galvin
Senior Security Architect, AppViewX
view profile

Peter Galvin,  Senior Security Architect, AppViewX

Machine identity management has become a top priority as organizations evaluate new and alternative approaches to securing a growing, cloud-driven, distributed environment. Digitization has led to massive growth in machines or digital assets, opening up a vast attack surface. Securing these distributed assets and their communication is critical for data security. However, with network perimeter fast disappearing, digital security has become a significant challenge for organizations.

Machine identities, which include digital certificates and keys help, establish trust by authenticating and authorizing every entity on the network, regardless of where they are, before providing them with network access. Machine identities are also the true enforcers of the zero-trust philosophy that demands strict authentication to ensure that “the right people have the right access to the right data.”

There are two critical reasons why enterprises today struggle with machine identity management:

  • Lack of visibility into the certificate infrastructure
  • Lack of control over certificate lifecycle processes

Join this session to know how you can bridge the gap and manage machine identities efficiently with:

  • holistic visibility into your certificate infrastructure
  • complete control of certificate lifecycle management with automation

14:15 (GMT)

Questions to the Panel of Speakers

14:30 (GMT)

Networking Break

Session Four

From your PKI to Next - Gen Satellite Services

14:45 (GMT)

Welcome to Session Four

Dr Gilad Rosner
Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher
view profile

Gilad Rosner, Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

14:50 (GMT)

Next generation satellite services for remote sensing

John McDermott
Executive Council Representative, NZ IoT Alliance; Industry Collaborator, Tech Futures Lab
view profile

John McDermott, Executive Council Representative, NZ IoT Alliance; Industry Collaborator, Tech Futures Lab

Low Earth Orbit Satellite services are emerging as cost effective and high-performance platforms for remote sensing systems. Operators such as Swarm Technologies, Hiber, Myriota, Kineis and others are revolutionising the provision connectivity at any location with easy-to-use platforms.

This presentation will outline the recent progress of operators and describe the technical characteristics and capabilities of these satellite systems. Swarm Technologies (acquired by SpaceX 2021) will be presented as a leading example of an operating platform.

Industry sectors of agriculture, maritime, utilities and primary industries will be used as examples of practical deployments.

• What is the capability of LEO IoT satellite systems?
• What end use applications are practical?
• How does satellite compare to land based wireless?
• What challenges and constraints are there to using LEO IoT satellite systems?

15:10 (GMT)

Is your PKI a POS?

Jon Lehtinen
Director, Identity & Access Management, Board Member, IDPro
view profile

Jon Lehtinen, Director, Identity & Access Management, Board Member, IDPro

Public Key Infrastructure (PKI) plays a crucial role in your organization’s IAM & infosec programs.

Despite its criticality, PKI is frequently treated as a second-class citizen, failing to get the resources, executive sponsorship, or focus that other technologies do. However, PKI is so much more than ensuring your web TLS certs don’t expire. The SolarWinds incident and its mitigations highlight the criticality of a rigorous certificate management program in securing your organization.

But what does a “good” PKI program look like?

In this talk, Jon Lehtinen walks you through the steps you can take to improve your PKI program’s maturity & secure your certificate estate through a comprehensive PKI program- including tips on creating and driving adoption of PKI policy & governance, and technical controls.

15:25 (GMT)

Questions to the Panel of Speakers

15:40 (GMT)

Closing Remarks from the Conference Chair

15:45 (GMT)

Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Jetstack Secure Answers the Call to Boost Cloud Security [Encryption Digest 56]
Have you gotten the memo? Migrations to cloud-based environments are accelerating faster than ever! Cyberattacks have become increasingly more sophisticated, forcing industry leaders and organizations across industries to strengthen cybersecurity and make the switch to modern data platforms. Most businesses have moved their data and applications over to cloud platforms, and those that haven’t are already...
Why You Should Integrate SSH Machine Identities Across Your Technology Ecosystem
SSH machine identities are used to access nearly all the technology solutions that are deployed across your expanded network and security infrastructure. As a result, you need to be prepared to integrate and orchestrate SSH machine identities across a multitude of enterprise IT systems.   Click here to continue reading   More: Venafi Blogs...
What is Ransomware-as-a-Service (RaaS)? Need-to-Know in 2022
Cybersecurity threats are only increasing as the digital transformation continues. And one of the biggest threats in 2022 is Ransomware-as-a-Service (Raas), which offers bad guys easy access to all the essential resources to launch a ransomware attack.   Click here to continue reading   More: Venafi Blogs  ...