Session ONE – Context-aware, Risk-driven and Business-centric Identity and Access Management for the Enterprise
We explore how IAM can become a key enabler of business growth for organisations. Through cross-sector case studies and industry perspectives we charter key IAM imperatives including accountability, transparency, user experience and managing trust, privileges and entitlements. The early morning session will also explore:
- EU Regulations and European-wide Identity Management initiatives
- Why businesses require identity governance
- Examples of successful deployments of comprehensive, customer focused identity management infrastructures
- The impact of identity management investment on top-line revenue
- How to use IAM to achieve business goals and empower digital business
- The changing security landscape (attackers, threats and risks) and disruptive technologies
- Operationalising identity intelligence for efficiency and risk mitigation
- Future trends in the IAM space
Chair’s Opening Address
The Business Case for IAM
As European states transition towards information-based economies, intellectual property and trade secrets are critical to the survival of large competitive business. In this morning keynote session, we look to explore the critical tenets of identity management and explore:
- The value proposition of IAM and how can it help to empower business, improve growth and performance
- How businesses can align their strategic business objectives with their risk management metrics and IAM solutions
- IAM essentials – control, accountability, transparency, compliance
- Defining and implementing a IAM & GRC roadmap
- An overview of market drivers, trends and standards
Making Identity the Centrepiece of your Security Landscape
The evolving security landscape is forcing organisations to review their IAM strategies. Thinking in terms of defending the organisational perimeter is no longer viable for the connected enterprise. This session explores:
- The coming transition of IAM
- The changing role of IAM in cyber defence
- Ways in which IAM can bolster cyber defence
Enabling Digital Transformation Using Identity
Identity gives enterprises measurable value. From compliance to efficiency, identity offers technical leaders a vital role in digital transformations. Irrespective of whether you are providing access to consumer or employee-facing applications, IAM gives you the ability to offer a seamless experience to your user, gain visibility into risks and shrink your attack surface. We look at how IAM is a vital critical resource for insights and growth for your business, and how it can combine with agile methodologies to make your organisation a digital-first enterprise.
CIAM vs Enterprise IAM: A Smarter Way to Manage Identity
Organisations are having to provide access for a growing number of identities both within and outside their organisation, without compromising security or exposing sensitive information. Traditional IAM cannot typically handle customer facing IAM requirements. We walk you through:
- CIAM vs Enterprise IAM – the differences and why these are significant and relevant for your business
- Market drivers and how to select the best CIAM/IAM solutions
- Best practices – tips on implementation challenges and opportunities
- Ensuring continued improvement and success
Bolstering Security through Effective Risk Management
Although compliance is still a key driver in IAM initiatives, IAM is evolving into a risk-based discipline with many enterprises focused on entitlement management and enforcement of access controls. Effective IAM systems should be able to identify where an organisation is at risk. If you cannot see risk then you cannot control it.
In this session we explore a risk-driven approach to IAM which takes consideration of: access management policies, consistent application of role/rule-based access, segregation of duties as well as non-technical issues like managing confidential information, employee contractual considerations and data protection aspects of information breaches.
Identity Governance: Securing Privileged Accounts
Privileged accounts have a valid set of credentials which can be used (or misused) to gain access to mission-critical systems and networks. With non-restrictive, elevated levels of access, privileged accounts can evade access controls and can easily be used by attackers or malicious insiders to cause significant damage.
In this session we explore how businesses can secure access pathways to their network through the deployment of techniques and analytics solutions that mitigate risk, look at the ‘right’ data – not all the data, and meet high stakes compliance requirements.
Questions To The Panel Of Speakers
Morning Networking and Refreshments Served in the Exhibition Area
Identity and Disruption
Security challenges are one of the biggest obstacles when it comes to the adoption of new disruptive technologies like the Internet of Things, AI, Blockchain and Machine Learning.
The role of IAM is expanding which means it is no longer about managing people and their access. Rather, IAM is now moving towards being able to identity things, devices, and sensors. We discuss how disruptive tech trends are shaping the IAM domain, how IAM can help to define security safeguards, and explore:
- End to end encryption
- Scale and performance
- Privacy and consent management
- Adaptive authentication
Federation at Scale
What does federation look like? For consumers it means seamless access without needing to authenticate again, and the ability to use different login methods such as Facebook and other platforms. For enterprise, it offers a new way of allowing trusted partners to use SSO to access your services. We walk you through:
- Authorisation practices
- Attribute exchange practices
- User and entitlement management practices
Questions to the Panel of Speakers
Delegate movement to the Seminar Rooms
Networking Lunch Served in the Exhibition Area
Session TWO – The Future of IAM in Enterprise
- Defining an IAM strategy, Benchmarking Performance, Identifying and Overcoming Challenges
- Exploring how to maintain, monitor, improve, optimise and govern IAM infrastructure
Chair’s Afternoon Address
Using Identity to Empower your Business
We hear from a multinational retailer about how they are supporting the entire identity lifecycle within their organisation, and explore:
- Defining IAM strategy, implementing a roadmap
- Managing IAM projects – common mistakes and how to avoid them
- Scaling to thousands of identities
- Offering adaptive risk-based authentication
- Supporting the latest standards
Trust Based Access Control
Employees require access to sensitive information and critical systems for numerous reasons and levels of trust have to be associated with access control. In this session we consider:
- What trust based access control should look like
- Identifying secure users and behaviours
- Balancing enablement with accountability
- Balancing security with usability – taking account of user experience and needs
Ensuring the Success of your IAM Project
IAM projects are often complex and critical to business. There are many reasons why they typically fail but one of the common ones is a misunderstanding of its scope. We walk you through how you can achieve success, and look at ways in which you can:
- Achieve governance, continuous iteration and improvement
- Deploy agile methodologies
- Measure success and benchmark performance
- Understand your organisational culture and select a tool that best suits your needs
- Ensure you have buy-in from users and management
Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in Exhibition Area
Solving GDPR Compliance Challenges
A practical walk through all of the major requirements needed to be GDPR compliant. These include consent and privacy, appointing a DPO, how to report on data breaches, and actionable security intelligence to help your organisation remain compliant. We look at how you can translate these requirements into actual security measures and how IAM can help you to progress your compliance journey
Managing Cloud Risks and Rewards
Navigating the complex blend of on and off premise business critical resources can present a challenge for large enterprise organisations. Virtualising legacy systems while also implementing new cloud technologies and ensuring those who need access have access can entail a complex web of processes.
We look at how you can:
- Provision access to all applications in the cloud
- Establish productivity alongside robust security controls
- Automate your security processes for optimum performance
- Develop cloud standards and balance these with user/organisational needs
Is this the end of the road for passwords?
The average user has tens of active accounts and has to remember over 25 passwords. The most commonly used password is “123456” and, in under an hour, a hacker was able to crack 90% of passwords from a list of 14,800. This has prompted calls to remove passwords altogether. Their removal would certainly put an end to the problem of stolen credentials, help-desk resets, and worries about phishing.
- What is the future of passwords?
- Are password managers reliable?
- What kind of alternatives can be utilised?
We explore the complexities of the much-maligned password system, and how enterprises can balance convenience with risk through multi-layered risk analysis.
Closing Keynote: The Future of IAM
Our closing keynote session looks at:
- Identity, privacy, trust in an increasingly connected world
- Building user awareness and organisational intelligence
- Authentication and access challenges with the advent of disruptive technologies
- New and existing challenges: scalability, compromised credentials, malware, privileged account management
- New innovations in the IAM domain which make it indispensable in managing risks and combatting breaches
Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Conference Closes, Delegates Depart
Whitehall Media reserve the right to change the programme without prior notice.