Why Identity and Access Management should be part of your GDPR plan

19th October 2017

It’s crucial to understand that the General Data Protection Regulation (GDPR) is not a technology issue alone. When it comes into effect on 25 May […]

As GDPR looms – CPO/DPOs can play a lynchpin role

13th October 2017

The enforcement date for the General Data Protection Regulation (GDPR) is approaching rapidly. As we near the 25th May, 2018, deadline it is crucial for […]



Future Proofing your IAM Programme

We explore how IAM can become a key enabler to organisations. Through cross-sector case studies and industry perspectives we charter key IAM imperatives including accountability, transparency, user experience and managing trust, privileges and entitlements. The early morning session will also explore:

  • Why businesses require identity governance
  • Examples of successful deployments of comprehensive, customer focused identity management infrastructures
  • The impact of identity management investment on top-line revenue
  • How to use IAM to achieve business goals and empower digital business
  • The changing security landscape and disruptive technologies
  • Operationalising identity intelligence for efficiency and risk mitigation
  • Identifying future trends in the IAM space
The Conference Chair’s Opening Remarks

Sarb Sembhi, Past President, ISACA London

Open Banking with Ping Identity

Rob Otto, Senior Regional Solutions Architect, Ping Identity

See a demo of how Ping Identity’s open banking solution supports OAuth 2.0/OIDC and the Financial API. The demo will provide visibility into the secure construction and analysis of token contents consumed by the banking API’s necessary to complete secure transactions between entities. In addition, it will show how to enforce the user-driven consent, policies and scope required to enable and disable aggregation of transaction data exposed via API’s to AISP web and FinTech applications, for consolidation and presentation to the account owner.

Whilst specific to the finance industry, this showcase will highlight how Ping Identity can help customers large and small meet complex use-cases with a comprehensive Customer IAM suite.

Identity Systems at Scale: A Pragmatic Look at Standards, Certification, Trust Frameworks and Registration

Don Thibeau, Chairman and President, Open Identity Exchange

Open standards like HTTP, OAuth, and OpenID Connect allow competing organizations to add value to their services, platforms, and products by ensuring interoperability across commercial, banking and government ecosystems.

Open standards can be a powerful tool set for developers. But identity systems require rules that address liability as well as ensure technical conformance. This presentation is a pragmatic look at ensuring conformance to open standards via self-certification using the ground-breaking OpenID Certification Program as a case study. We’ll look at how technology tools like standards and self-certification can be fit for purpose with governance rules that define the business, legal and technical requirements of identity systems. We’ll pay particular attention to how trust frameworks assign and enforce liability in complex identity systems. We’ll outline how registering trust frameworks ensure the transparency needed to build and maintain the trust needed in identity systems at scale.

The presentation concludes with presenting current, real world use-cases of identity systems at scale. We’ll highlight how technology tools and governance rules are enabling global identity projects. We’ll overview the Open Banking initiative in the UK, the International Air Travel Association (IATA)’s “One Identity” Program and other global identity initiatives.

A Smarter Way to Manage Identity in a Changing Security Landscape

This session will look to elaborate on key elements of successful IAM deployment by exploring:

  • The cyber threat landscape and trends
  • Identifying challenges of large scale enterprise IAM
  • Guidelines for success – letting the right people and devices in the network and keeping the wrong ones out
  • The relationship between IDM and Infosec
  • Regaining access control over resources you don’t control
  • Scaling and growing according to your needs and capability
  • Future proofing IAM investment
How to Overcome the Limitations of a Traditional IAM Approach with Identity Analytics

Cyril Gollain, Chief Executive Officer, Brainwave GRC

In a traditional IAM approach, one has to balance the operational effectiveness of the IAM initiative with the growing costs of deployment and maintenance. This is especially true for older bespoke systems or “tier-2” applications for which there is seldom any justification for full IAM automation.

• However, critical security and compliance risks can oftentimes be found in the dark corners of the Information System.
• A comprehensive approach should therefore provide the means to control and audit all resources while focusing IAM automation where justified. 
• Brainwave GRC provides innovative Identity Analytics technology embracing the breadth and depth of analysis which are required to effectively assess risks, detect inconsistencies and remediate issues across all resources.


Case Study: Segregation of Duties from Risk Identification to Remediation

Edina Dobos, DBS Governance & Controls Senior Manager – Global SoD and Application Controls, Diageo

This presentation will provide an overview of SoD risk assessment in the business and IT context and approaches to managing risks with specific reference to the balance between mitigation and remediation.


Questions To The Panel Of Speakers
Morning Networking and Refreshments Served in the Exhibition Area
Case Study: ForgeRock



A Review of The Changing Landscape and How Identity & Access Management Solutions are Adapting to Meet These Challenges

Andy Bryars, Senior Customer Success Manager, Okta

Identity & Access Management is moving from being one of many components of the legacy IT infrastructure stack to being at the center of how enterprises manage IT and power digital transformation across all aspects of their business. Combined with latest trends towards mobile first, IoT and big data this is having an impact on the pivotal role of managing identities for employees, partners and customers. This session explores how Okta views this landscape and how we are uniquely placed to meet these challenges.

Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
Seminar Sessions
Networking Lunch Served in the Exhibition Area

Session TWO – The Future of IAM in Enterprise

  • Defining an IAM strategy, Benchmarking Performance, Identifying and Overcoming Challenges
  • Exploring how to maintain, monitor, improve, optimise and govern IAM infrastructure
The Conference Chair Opens the Afternoon Session
What My IAM Looks Like

Tarun Sharma, Solutions Architect, Telegraph Media Group

This presentation will explore what an organisation should look for when selecting an IAM solution. It will discuss:

  • What aspects should be covered before starting to look for various IAM solutions in the market
  • What helps in defining business and technical requirements for IAM solutions
  • How important it is to select and execute a successful IAM implementation project
Consumable Access for the Enterprise

Colin Brown, Identity and Access Management Architect, BBC

The BBC is a huge collaborative endeavour, involving disparate groups of people in the creative delivery of entertainment and information. It is it no longer reasonable to expect people to put up with complex journeys and poor user interfaces or to assume an enterprise desktop. BBC Login has brought consumer standards to the enterprise to truly enable the vision of risk based access for globally mobile heterogeneous workforce.

In this presentation Colin Brown, Lead IAM Architect, will describe how the BBC has gone from concept to reality in under 12 months, describing the objectives, the outcomes and the challenges along the path to delivery.

Case Study

Madhu Chaganti, Global Head of Network Services, Product & Technology, Carlson Wagonlit Travel

A Privileged Customer Journey

Andy Harris, Chief Technology Officer, Osirium

• The Driving Forces
• Implementation
• Steady State ROI

Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
British Standards in Digital Identification and Authentication in a Regulatory Context

Andrew Churchill, MIDAS Alliance and Lead Author, British Standard PAS499

The British Standards Institution’s Publicly Available Specification in Digital Identification and Authentication, Code of Practice will have closed the public consultation a few days before conference. Andrew, lead author on the PAS, will provide an overview of the standard and how it is expected to fit in with the evolving regulatory backdrop.

An innovative approach to defining and modelling Identities across your Organisation

Ian Johns, Head of Architecture, King’s College London
Prakash Manickam, Senior BI Analyst, King’s College London

King’s College London has a population of thousands of academics and professional staff on a variety of contracts and affiliations, tens of thousands of students and distance learners and millions of visitors, guests and alumni.

In this presentation you will hear about an innovative approach King’s have taken in modelling these personas, in order to implement improvements to Identity and Data Management. Applying the concepts of Object Oriented Data Modelling, King’s have developed a simple and innovative Business Glossary that helps organisations define and manage their Identity master data.

Mobile and Identity in the Developing World

Ceri Greenland, Senior Market Engagement Manager, Digital Identity, GSMA

Preventing loss and leakage rests on effectively managing access and controls to large swathes of unstructured data. We look at how you can bolster protections and enable enforcement of access policies that give you a 360-degree view of all your assets.

Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Conference Closes with a Drinks Reception sponsored by One Identity

Please note:
Whitehall Media reserve the right to change the programme without prior notice.