Identity Management

20 September 2017

Mövenpick Hotel, Amsterdam



Of ‘Things’ and ‘Strings’

3rd March 2017

It requires a consistent reorientation and adjustment of current technologies and methods to meet the upcoming challenges of Identity Management.

CISO should be the dyke warden of IT security

2nd March 2017

Ian Yoxall, Principal Consultant, Intragen When it comes to IT security, many people have an SEP (Somebody Else’s Problem) mentality. Responsibility for security cannot be outsourced. It […]



PLEASE NOTE: All Conference Sessions (including slides) will be presented in English ONLY

Session ONE – Context-aware, Risk-driven and Business-centric Identity and Access Management for the Enterprise

We explore how IAM can become a key enabler of business growth for organisations. Through cross-sector case studies and industry perspectives we charter key IAM imperatives including accountability, transparency, user experience and managing trust, privileges and entitlements. The early morning session will also explore:

  • EU Regulations and European-wide Identity Management initiatives
  • Why businesses require identity governance
  • Examples of successful deployments of comprehensive, customer focused identity management infrastructures
  • The impact of identity management investment on top-line revenue
  • How to use IAM to achieve business goals and empower digital business
  • The changing security landscape (attackers, threats and risks) and disruptive technologies
  • Operationalising identity intelligence for efficiency and risk mitigation
  • Future trends in the IAM space
Chair’s Opening Address

Robert Garskamp, Entrepreneur, Advisor on Digital Identity Matters and Founder of the IDnextplatform


European Commission (invited)

The eIDAS Regulation provides a predictable legal framework and ensures the cross-border mutual recognition of eID means in the EU.

Since 29 September 2015, following the adoption of the implementing acts on cooperation between Member States on eID, on interoperability framework, on assurance levels for eID means and on notification, EU Member States may, on a voluntary basis, notify and recognise national eID means that citizens and companies could use across borders to access online public services. As of 29 September 2018 the recognition of notified eID will become mandatory. And though the regulation is primarily focused on online public services, the private sector could benefit from the use of the eIDAS eID services. Additionally, it is worth exploring whether this regulation could bring together key stakeholders of the eID landscape and bring benefits beyond the cross-border use cases envisaged by eIDAS, in particular at the national level.

In this context, the presentation will try to address the following three questions.

  • What does this mean for the Member States? What is the status of eIDAS eID?
  • What are the benefits for private service providers (IDPs and Relying Party)?
  • How can eIDAS stimulate the electronic identification landscape alongside the cross-border use case?
A Smarter Way to Manage Identity

Organisations are having to provide access for a growing number of identities both within and outside their organisation, without compromising security or exposing sensitive information. This session provides an overview of how one large organisation is achieving the right balance between customer and employee identity management.

Trusted Identities

Don Thibeau, Chairman and President, Open Identity Exchange

Open Identity Exchange (OIX), is a non-profit, technology agnostic, organisation of global leaders from the private and public sectors – a test bed for business, legal and governance best practices and policies. Society, like the Internet, runs on trust. Trusting that our online identity is protected and not commercially exploited without our consent is complicated and interrelated. Trust is a powerful economic driver of the emerging identity ecosystem. Technology is rarely more than a small piece of the solution.

Bolstering Security through Effective Risk Management

Dimitri Chichlo, ‎VP Information Security & BCM at Edmond de Rothschild

The Business Case for IAM

As European states transition towards information-based economies, intellectual property and trade secrets are critical to the survival of large competitive business. In this morning keynote session, we look to explore the critical tenets of identity management and explore:

  • The value proposition of IAM and how can it help to empower business, improve growth and performance
  • How businesses can align their strategic business objectives with their risk management metrics and IAM solutions
  • IAM essentials – control, accountability, transparency, compliance
  • Defining and implementing a IAM & GRC roadmap
  • An overview of market drivers, trends and standards
Identity Governance: Securing Privileged Accounts

Privileged accounts have a valid set of credentials which can be used (or misused) to gain access to mission-critical systems and networks. With non-restrictive, elevated levels of access, privileged accounts can evade access controls and can easily be used by attackers or malicious insiders to cause significant damage. In this session we explore how businesses can utilise analytics, among other best practice solutions, to secure privileged accounts and implement processes that mitigate risk, look at the ‘right’ data and not all the data, and meet high stakes compliance requirements.

Questions To The Panel Of Speakers
Morning Networking and Refreshments Served in the Exhibition Area
Identity and Access Management (IAM) from a Philosophical Perspective – Dare to Question Why

Theo Sinnema, Identity and Access Management Consultant

This presentation will be focused on the why questions within Identity and Access Management from a customer, (end-)user, business and IT perspective knowing what the challenges will be faced (or already are faced) in the world of connecting things, people, information, identities.

Trust Based Access Control

Employees require access to sensitive information and critical systems for numerous reasons and levels of trust have to be associated with access control. In this session we consider:

  • What trust based access control should look like
  • Identifying secure users and behaviours
  • Balancing enablement with accountability
  • Balancing security with usability – taking account of user experience and needs
Questions to the Panel of Speakers Delegate movement to the Seminar Rooms

Delegate movement to the Seminar Rooms

Seminar Sessions
Networking Lunch Served in the Exhibition Area

Session TWO – The Future of IAM in Enterprise

  • Defining an IAM strategy, Benchmarking Performance, Identifying and Overcoming Challenges
  • Exploring how to maintain, monitor, improve, optimise and govern IAM infrastructure
Chair’s Afternoon Address
Afternoon Keynote Address: Promoting the Digital Economy

Fast and flexible access is becoming important than ever to driving efficiency in government. In this keynote session, delegates will hear about how the public sector balances faultless security with operational flexibility, and the journey that has been undertaken to make access and authentication quicker and simpler.

Using Identity to Empower your Business

We hear from a multinational retailer about how they are supporting the entire identity lifecycle within their organisation, and explore:

  • How we prepared and got started: Goals & principles
  • How we selected a solution and an implementation partner
  • Planning and roadmap
  • Learnings and Results (so far)
Transaction Risk Analysis – Architecture Walkthrough

Kannan Rasappan, Worldpay

This presentation will explore:

  • RTS mandate on TRA to help in SCA exemption
  • Relevance of fraud rate & SCA exemption
  • Leveraging mobile authenticators & risk engines to tackle fraud
  • Audit, Reporting & Compliance for enrolling into TRA exemption
Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in Exhibition Area
Case Study: Overcoming IAM Challenges at a Financial Institution

In this session we hear about the IAM challenges of a financial institution, and how they are working to overcome them with particular attention devoted to:

  • Why organisations deploy IAM
  • Why IAM projects stall and how to overcome common challenges
  • Recipe for success – top tips
Managing Cloud Risks and Rewards

Navigating the complex blend of on and off premise business critical resources is a big challenge for large enterprise organisations. This session will explore developing cloud standards and the core requirements from users and organisations about cloud infrastructure.

Is this the end of the road for passwords?
  • What is the future of passwords?
  • Are password managers reliable?
  • Will biometric systems replace passwords?

We explore the complexities of the much-maligned password system, and how enterprises can balance convenience with risk.

Closing Keynote: The Future of IAM

Our closing keynote session discusses key themes pertinent for IAM in the enterprise, including:

  • Identity, privacy and trust
  • Overcoming authentication challenges
  • Building user awareness
  • Defending against malware
  • New and existing challenges: mobile identity management, scalability, compromised credentials, privileged account management
  • Preventing misuse of delegated credentials
Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Conference Closes, Delegates Depart

Please note:
Whitehall Media reserve the right to change the programme without prior notice.