1st November 2017

Privileged Access Management (PAM) and Identity & Access Management (IAM), they occupy the same space but have very different outcomes.

Why Identity and Access Management should be part of your GDPR plan

19th October 2017

It’s crucial to understand that the General Data Protection Regulation (GDPR) is not a technology issue alone. When it comes into effect on 25 May […]



Sarb Sembhi

Past President, ISACA London Chapter

Sarb Sembhi has been the Chair of the ISACA GRA Committee and a member of the ISACA Relations Board. Sarb began his career in the public sector as a Project Manager, and has more than 30 years of project management and consultancy experience.

He has gained this experience providing services to companies including the BBC, Travis Perkins, BP and Network Rail. Sarb is a regular speaker at Information Security Conferences around the world, including the CxO Dialogue, Gartner Summits, InfoSec Europe, RSA Europe, HITB, BCS, ISACA, IPSec, IFSEC, Security Directors Forum.

He is also a member of the Defence and Security Committee and the Cyber Security Working Group at the London Chamber of Commerce & Industry, Infosecurity Magazine Editorial Board, The Institute of Engineering and Technology, The Institute of Risk Management, The Chartered Insurance Institute, and was an individual member of the Parliamentary IT Committee.

Andrew Churchill

MIDAS Alliance and Lead Author, British Standard PAS499

Andrew works with Government, Industry and Academia on a range of technology and strategy issues. He has led HMG’s Cyber Crime Task Force, co-ordinated Whitehall’s defence and security technology strategy requirements. His current research interests include security and privacy concerns in authentication and Identity Management, such as for payments and online access control, and future threats and safeguards against such vulnerabilities. In addition to his first degree he holds Masters in Defence & Security Analysis (MA, Lancaster) and Information Security (MSc, Royal Holloway). ​

Cyril Gollain

Chief Executive Officer, Brainwave

Cyril is the Chief Executive Officer and Co-founder of Brainwave. Under Cyril’s leadership, Brainwave has grown from a collection of unique and innovative ideas into a market recognized leader in the identity analytics and intelligence software market.

Cyril drives the overall vision and strategy for Brainwave, which is re-enforced by his passion for building performing teams, creating an innovative work environment, and focusing continuously on the customer’s pains and needs.

Before Brainwave, Cyril held management and consulting positions at Oracle, BT Global Services and Cap Gemini. Cyril is a popular speaker at IT Security events and contributor to IAM groups and blogs. He holds degrees from Chimie Paris Tech and Imperial College of London.

Ceri Greenland

Senior Market Engagement Manager, Digital Identity, GSMA

As Senior Market Engagement Manager for the GSMA’s Digital Identity Programme, Ceri leads work with mobile operators, governments, NGOs and institutional stakeholders to bring mobile-enabled digital identity services to scale in markets across Asia, MENA, Sub-Saharan Africa and Latin America. Her work also aims to facilitate industry collaboration in developing the global digital identity ecosystem and demonstrating the social and economic value of digital identity in the mobile context. Ceri returned to the GSMA in 2017 after working at the UK communications regulator, Ofcom, where she was the policy and strategy lead for a number of rural connectivity work streams, including reform of the UK Electronic Communications Code and Ofcom’s advice to the UK Government on the design of a broadband universal service obligation. Prior to this, Ceri worked in the GSMA’s Spectrum team as the Policy Advisor for Africa and the Middle East, working with ministries and regulators across the region on spectrum regulation, mobile broadband policy and last-mile connectivity issues. She holds an MSc in Globalisation and Development from London’s School of Oriental and African Studies and earned two Bachelor of Arts degrees in International Relations and Business from the University of Redlands in California.

Colin Brown

Identity and Access Management Architect, BBC

Colin Brown has worked in the field of Identity and Access Management for the past fourteen years. Working mostly as a freelance solutions architect, he has always been the predominant driving force in defining, designing and delivering the enterprise solution that the business demands.

An impressive client list includes Aviva, Royal Bank of Scotland, The Co-operative Bank, WorldPay, EY and the BBC, as well as the vendors BridgeStream and Oracle. Before moving into IAM, he worked in both software development and support roles for consulting firms and enterprises, mainly in the insurance sector.

Don Thibeau

Chairman and President, The Open Identity Exchange (OIX)

Don is President and Chairman of the Open Identity Exchange (OIX), a non-profit, technology agnostic organization of global leaders from the private and public sectors. OIX is a test bed for business, legal and governance best practices and policies and operates the OIXnet registry. Don is Chairman of OIX UK/Europe and the Co-Chair of the OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee. 

Don is also the Executive Director of the OpenID Foundation, a standards development organization. The foundation’s membership includes leaders from across industry sectors and governments that collaborate on the development, adoption and deployment of open identity standards. Don blogs at

Edina Dobos

DBS Governance & Controls Senior Manager - Global SoD and Application Controls, Diageo

Edina is the Global SoD and Application Controls Senior Manager for Diageo, covering both IS and Business SoD control activities for the key ERP, accompanied by management assurance over ERP application controls. Having gained over 10 years in managing and improving overall response to business SoD-risks, she has expanded her remit to cover and transform IS SoD control activities.

During her career she has created the foundations of a centralized SoD operations team, standardizing and simplifying new monitoring procedures along with leading the upgrade of GRC Access Control and Emergency Access Management from a business point of view. Her experience includes, as a business acceptance lead, a major review of SoD-matrices, translation of rules into GRC solution, designing and implementing new monitoring processes and engagement to achieve management and external auditor confidence in the new procedures. Very recently she has been involved in global privileged access re-certification activities for key SAP production landscapes (ECC, APO, CRM, PLM and BW) and involved in re-designing IT Control frameworks, with special focus on access risks and control requirements.

Edina is certified in CISA, CRISC and COBIT 5 and is highly qualified in ERP security, administration and configuration.

Ian Johns

Head of Architecture, King’s College London

Ian is a strategic business leader with a track record of introducing innovative customer oriented technology solutions that consistently exceed expectation. As Chief Architect at King’s College London, Ian oversees an ambitious transformational program at one of the world’s top universities whose motto is to advance knowledge, learning and understanding in the service of society.

Prakash Manickam

Senior BI Analyst, King’s College London

Prakash is a senior Business Intelligence practitioner with over 13 years of pre-sales, strategy, consulting and delivery experience in Data Warehousing, Business Intelligence, Analytics and Data. He has worked with organisations globally in the UK, United States and India, implementing solutions that range from hundreds of gigabytes to multi-terabyte data volumes.


Tarun Sharma

Solutions Architect, Telegraph Media Group

Tarun is a solutions architect with Telegraph Media Group with more than 15 years of IT experience. He delights in the design and development of solutions which provide challenges and complexities. As a Solutions Architect he is always looking for secure, robust, scalable, elegant and cost-effective solutions to meet business and technical requirements.

Over the years, he has worked with premier organisations such as IBM, Sapient, News UK and now with Telegraph Media.

Andy Bryars

Senior Customer Success Manager, Okta

Andy Bryars has over 20 years’ experience working within the IT Security industry spending the last 15 years delivering Identity and Access Management solutions for both private and public sector across EMEA. Andy is part of the team responsible for Customer Success in EMEA for Okta, providing a consultative approach for enterprise organisations to ensure optimum utilisation of the services adopted.

Andy Harris

Chief Technology Officer, Osirium

Andy has over 25 years’ experience inventing and building unique IT networking and security products.

In a long and distinguished career including being Technical Director at Integralis. Andy has invented many leading-edge technologies including IP Network Translation Gateway, Print Symbiont Technologies for LAN-based printers and Disaster Master, a technique of continuously updating a backup site with mirrored data.

As one of the Co-Founders and CTO of MIMEsweeper, Andy was the creator of the world’s first content security solution which became the default product in its space.

Andrew went on to start WebBrick Systems which was one of the pioneering Home Automation technologies, also a forerunner to what we know as IOT devices today.

As Engineering Director Andrew has created and patented several core components in the Osirium product family.

Rob Otto

Senior Regional Solutions Architect, Ping Identity

Rob is a seasoned IAM solution architect who has 18 years’ experience designing and implementing solutions for organisations across EMEA. He is particularly interested in modern, standards-based access control using OpenID Connect and OAuth and how these can be used to underpin exciting digital transformation initiatives including PSD2 and OpenBanking.

Nick Caley

Vice President, ForgeRock

With twenty years’ experience in the security industry Nick Caley has advised global clients in industry and government on security strategy and the technologies that enable organisations to protect their most valuable assets.

Nick is responsible for Financial Services and Regulatory with a focus on guiding organisations to deliver successful outcomes beyond compliance with GDPR, PSD2 and Open Banking.



Previous Speakers

Alice Vasilescu

IT Project Officer - Connecting Europe Facility (CEF) eID at European Commission

Alice Vasilescu is acting as Policy Officer at the Directorate-General for Informatics of the European Commission. She is coordinating the technical work carried out under CEF eID and supports the Member State community that is setting up the eIDAS eID Infrastructure. Alice is an experienced IT professional, specializing in Enterprise Architecture, IT security and system interoperability for large-scale European projects.

Michael Whittlestone

Security Architect, TDC

Michael Whittlestone works for TDC as Domain Architect. After finishing his university training in London he met and married a Danish girl and has been living in Denmark since 1992. The last 10 years he has been focusing on improving TDC’s Identity Management and has recently been one of a team to choose Ping Identity as the platform of choice for TDC’s modern IDM. He has worked with several different IAM technologies and understands what the key requirements are for business to enable digital transformation whilst addressing compliance challenges. Michael has been busy preparing TDC for GDPR for the last two years, and is also working on adding non-password based secure easy authentication to TDCs login flow.

Tim Barber

VP, ForgeRock

Tim Barber is Vice President for the Communications & Media Industry at Forge Rock, where he is responsible for defining and driving forward the company’s go-to-market strategy for the C&M sector on a global basis. Tim has 25 years of experience spanning communications, technology and data industries in a variety of large, medium and small enterprises, across a variety of business disciplines including; general management, sales, marketing and customer operations management.

Prior to joining Forge Rock, Tim spent 3 years as Vice President, EMEA for the Digital Commerce division at Pitney Bowes, and prior to that 5 years as sales director for Experian’s Decision Analytics line of business in the EMEA region. Tim also led Experian’s telecoms division globally, coordinating the telecoms vertical market strategy and bringing together propositions from across the organisation’s broad portfolio of products and services.


Joanna Zdulska

Information Security Access Programs and Governance Manager

Joanna has specialized in the domain of Identity and Access Management for the last 11+ years. Joanna has over 21 years of operations, technology and management experience with specific emphasis on compliance, risk management, solutions development and program management. Since joining Citi in 1996 Joanna has served in multiple technology managerial roles, being responsible for software development, project management and operational activities. Joanna managed risk management area as a formal Business Information Security Officer and Compliance Officer in Regional Data Center. Between 2005-2007 Joanna managed two Regional projects related to access management standardization and improvement for Distributed system like Unix, Wintel, SQL and Oracle databases. In 2007 Joanna joined Global ID management team and took on a global function responsible for Provisioning Automation and tools development. Since 2010 Joanna was managing Global Programs related to ID Management for EMEA region – including the centralization of access and compliance checks. Since 2016 Joanna has been managing Global Programs related to ID Management for all 3 regions: EMEA, APAC and NA/LATAM.

Joanna graduated from the IT program at the Department of Technical Physics and Applied Mathematics at Warsaw University of Technology (Master of Science degree).

She holds a CISSP (Certified Information Systems Security Professional) certificate.

Kannan Rasappan

IAM Architect and Developer, HSBC

Kannan is a Technical Architect actively involved in PSD2 Compliant IAM implementation in Tier-1 Banks like RBS & HSBC. He is a strong advocate on adopting industry standard products/protocols and advising organisations on Best practices for an end to end IAM solution. Kannan is an Applied Mathematics post-graduate who started his career as backend developer in 2000 and has worked on diverse domains in varying capacities leading up to an Architect role in IAM. He is an entrepreneur at heart and co-founded a big data company. He has been an active member in IAM meetups in London and also regularly participates in Hackathons. He has been advising various startups as mentor and also provides consulting service to a few companies.

Rik Van Bruggen

Sales Vice President EMEA, Neo Technology

Rik Van Bruggen has been working for Graph Database leader Neo4j for the past 5 years. He has published frequently on the topic of Graph Databases, and is now leveraging his prior and current experience in IAM and Graph Databases to make the two fields meet and thrive. Twitter : @rvanbruggen

Dr Hasan Al-Madfai

Application Fraud Consultant, Direct Line Group

Hasan Al-Madfai (BSc, MSc, PhD) is an established statistician and data scientist with recognised experience in various areas including customer insight, LTV modelling, street price optimization, fraud prevention and forecasting. His passion lies in using science and R&D to develop business operations and processes and optimise outcomes. Following a successful academic career, Al-Madfai has served in key leadership roles heading multiple teams and functions at market leading companies such as BGL and Direct Line Group.

Niels von der Hude

Director Product Strategy, Beta Systems IAM Software AG

Niels is Director Market Development IAM at Beta Systems Software. He is a globally recognized IAM thought leader in the market and a very experienced Manager with balanced business and technical acumen. He received his diploma in electronic engineering at Technische Unversität Berlin and passed the ‘General Management Programme’ at INSEAD. After ten years of work in telecommuncation business, where he acted as a management consultant and as a corporate investment manager, Niels von der Hude entered Beta Systems. His long-term product vision and his customer-centric approach enables Beta Systems to create high quality products under aggressive schedules.

Dr. Louise Bennett

Chair of the Security Community of Expertise, British Computing Society

Dr Louise Bennett Chairs the BCS Security Community of Expertise and Identity Assurance Working Group. She started her career as a scientist modelling weather patterns and locust plagues in Africa. She then moved into operations research and real time computing for aircraft systems in Defence.

Over the last 30 years she has been an IT & R&D director (Thorn EMI, Logica, AEA Technology, Vivas). She has also worked as a Government advisor in several capacities. Currently she is a member of: the Defence Science Expert Committee, the Cabinet Office Privacy and Consumer Advisory Group and the Technical Panel for the Information Commissioner. She consults on: strategic and corporate governance, the exploitation of new technology and risk management. Her current work focusses on: how to ensure trust online, particularly the governance of online identities for both individuals and organisations; payments over the Internet; developing resilient organisations, from environmental, security and privacy perspectives (including information assurance and fraud prevention).

Marek Zakrzewski

IAM Consultant, Public Sector (Healthcare)

Marek Zakrzewski is an Information Security Consultant with over 20 years NHS experience in various aspects of information technology from hands-on IT ‘engineering’ to managing IT departments. 

After one of too many restructurings and reorganisations he decided to take more direct approach to  information security and set up IGS (Information Governance Services) to promote sensible and yet standard compliant approach to this fast changing field.

Yousef Syed

Security Consultant and IAM Specialist

Yousef began his career as a OO Designer and Java Developer back in 1998 shifting to a security focus in 2000 with the new JAAS API and Java 2 Security API. From 2004 he was working on various compliance projects for AML and KYC and then in 2005 became a pre-sales consultant with Thor Technologies Xellerate IAM product (later purchased by Oracle to become OIM). Since then, he’s worked in multiple projects with a security focus of Application Security, IAM, Enterprise Security, Cryptography and Compliance, as an Architect or Consultant. He’s Certified Information Security Professional (2007), Certified Cloud Security Professional, Certified Ethical Hacker and TOGAF certified Enterprise Architect.

Travis Spencer

CEO, Twobo Technologies

Travis has worked extensively with organizations in various industries in both the US, Europe, and elsewhere who are adopting cloud and mobile computing. His broad market exposure coupled with a background in application development allows him to help organizations with low-level technical issues as well high-level questions. His deep knowledge of established standards like SAML, WS-* and XACML coupled with emerging ones like REST, SCIM, OpenID and OAuth provides him with a unique and cutting edge perspective on digital identity and access management.

Colin Wallis

Executive Director, Kantara Initiative

Colin is the Executive Director of the Kantara Initiative Inc, the globally acknowledged thought leader and emerging practice resource center for federated digital identity, access and consent-based information sharing. Colin’s combined public and private sector background in online identity and privacy builds on 15 years of contribution to international standards and consortia. Alongside his contracts with Kantara and his previous employer, Colin maintains leadership positions in the US Identity Ecosystem Steering Group (IDESG), OECD Internet Technical Advisory Committee (ITAC) and ISO SC27 Security Techniques on topics around Information Security, Privacy and Trusted Identity.

Gabe Chomic

President, Information Systems Security Association – UK Chapter (ISSA-UK)

Gabe Chomic is a technologist at heart who has been tinkering with things from an early age. He currently leads the information security and architecture efforts at a large national charity and also serves as President of the ISSA-UK Chapter. In various past lives, he has performed in-depth security engineering in heavy industry & SCADA environments, analysed international business and security processes in fourteen countries, and dabbled in government IT. His current passions involve the economic drivers behind insecurity, the cascading effects of small business failure, and the changing perception of information security in the public eye.

Karthik Selvaraj

Consultant Platform Architect, British Gas

Karthik Selvaraj is a seasoned technologist has spent last 15 years in creating new business values through technology adoption.

In his current role, leads a technical team responsible for delivering next generation platforms at British Gas related to Identity and API Management, Security Integration and mobility solutions.

Karthik is passionate about building world class, secure and scalable solutions in Cloud.

Tom Eggleston

Managing Director, ProofID

A seasoned identity management veteran, Tom has been involved in all aspects of delivering identity management solutions for over ten years. As Chief Technology Officer at Salford Software Ltd, a specialist provider of identity management solutions to universities, Tom gained a deep understanding of what makes the Higher Education sector tick. Now, as Managing Director of ProofID, Tom is focused on helping ProofID’s customers unlock the benefits of next-generation identity management.

Cyril Gollain

Chief Executive Officer, Brainwave

Cyril is the Chief Executive Officer and Co-founder of Brainwave. Under Cyril’s leadership, Brainwave has grown from a collection of unique and innovative ideas into a market recognized leader in the identity analytics & intelligence software market.

Cyril drives the overall vision and strategy for Brainwave, which is re-enforced by his passion for building performing teams, creating an innovative work environment, and focusing continuously on the customer’s pains and needs.

Before Brainwave, Cyril held management and consulting positions at Oracle, BT Global Services and Cap Gemini. Cyril is a popular speaker at IT Security events and contributor to IAM groups and blogs. He holds degrees from Chimie Paris Tech and Imperial College of London.

Travis Greene

Identity and Access Solutions Strategist, Micro Focus | NetIQ

After a 10-year career as a US Naval Officer, Travis started in IT as a Data Center Manager for a hosting company. In early 2002, Travis joined a Managed Service Provider as the leader of the service level and continuous improvement team, converting customer feedback into service improvements. Today, Travis conducts research with NetIQ customers, industry analysts, and partners to understand current Identity and Access Management challenges, with a focus on provisioning, governance and user activity monitoring solutions.

Travis is a regular columnist for Security Week Magazine and has been a speaker at Interop, RSA, itSMF and Gartner events among dozens of others. Travis is Expert Certified in ITIL and holds a BS in Computer Science from the US Naval Academy.