Password Management Problems: Employees Significantly Increasing Risk of Security Breaches

20th April 2015

Managing passwords is not a new thing. But, we are seeing a renewed focus on it due to the rapid adoption of new technologies – […]

2014 Market Pulse Survey: Employees Going Rogue with Corporate Data in the Cloud

17th April 2015

We’ve known for some time that the adoption of cloud technologies would have a significant impact on the enterprise, and that when SaaS applications started […]



Future Proofing your IAM Programme

We explore how IAM can become a key enabler to organisations. Through cross-sector case studies and industry perspectives we charter key IAM imperatives including accountability, transparency, user experience and managing trust, privileges and entitlements. The early morning session will also explore:

  • Why businesses require identity governance
  • Examples of successful deployments of comprehensive, customer focused identity management infrastructures
  • The impact of identity management investment on top-line revenue
  • How to use IAM to achieve business goals and empower digital business
  • The changing security landscape and disruptive technologies
  • Operationalising identity intelligence for efficiency and risk mitigation
  • Identifying future trends in the IAM space
The Conference Chair's Opening Remarks
Identity Management for the Digital Enterprise

Intellectual property and trade secrets are critical to the survival of large competitive business. In this morning keynote session, we explore the critical tenets of identity management and explore:

  • The value proposition of IAM and how can it help business grow
  • Developing digital IAM strategies that support innovation
  • Aligning strategic objectives with risk management metrics
Risk-based Identity Management and the Insider Threat

The ultimate goal of all security professionals is to prevent the loss of critical enterprise data and guard against sabotage to ICT infrastructure. The ‘insider threat’ as it is commonly known is a significant vector of attack that can breach security via malicious, exploited or negligent insiders. In this morning session, we ask: What does a comprehensive IAM risk management strategy look like?

  • Behaviour based anomaly detection
  • Detecting insider threats and compromised accounts
  • Monitoring usage and privileged accounts
  • Gaining visibility into critical systems and applications
  • Investigating threats and performing forensics
  • The employer’s (legal) toolkit in cases of data breaches
A Smarter Way to Manage Identity in a Changing Security Landscape

This session will look to elaborate on key elements of successful IAM deployment by exploring:

  • The cyber threat landscape and trends
  • Identifying challenges of large scale enterprise IAM
  • Guidelines for success – letting the right people and devices in the network and keeping the wrong ones out
  • The relationship between IDM and Infosec
  • Regaining access control over resources you don’t control
  • Scaling and growing according to your needs and capability
  • Future proofing IAM investment
Implementing a well-defined IAM Strategy and Governance Model

The regulatory environment is continually changing and growing, and the challenge of meeting requirements is becoming complex. New challenges around applications in the cloud, emergence of big data tools, IoT adoption and Blockchain are emerging – but there are also many opportunities.

We discuss policy enforcement, identity intelligence, and how your organisation can implement a complete framework for identity data which takes account of roles, users and resource risk factors.

Case Study:

Although compliance is still a key driver in IAM initiatives, IAM is evolving into a risk-based discipline with many enterprises focused on entitlement management and enforcement of access controls. Effective IAM systems should be able to identify where an organisation is at risk. If you cannot see risk then you cannot control it.

In this session we explore a risk-driven approach to IAM which takes consideration of: access management policies, consistent application of role/rule-based access, segregation of duties as well as non-technical issues like managing confidential information, employee contractual considerations and data protection aspects of information breaches.

Ensuring the Success of your IAM Project

Exploring the reasons IAM projects stall and fail using real-world examples and key tips for ensuring success.

Questions To The Panel Of Speakers
Morning Networking and Refreshments Served in the Exhibition Area
Trust Based Access Control

Employees require access to sensitive information and critical systems for numerous reasons and levels of trust have to be associated with access control. In this session we consider:

  • What trust based access control should look like
  • Identifying secure users and behaviours
  • Balancing enablement with accountability
  • Balancing security with usability – taking account of user experience and needs
Securing Privileged Accounts

Privileged accounts have a valid set of credentials which can be used (or misused) to gain access to mission-critical systems and networks. With non-restrictive, elevated levels of access, privileged accounts can evade access controls and can easily be used by attackers or malicious insiders to cause significant damage. In this session we explore how businesses can utilise analytics, among other best practice solutions, to secure privileged accounts and implement processes that mitigate risk, look at the ‘right’ data and not all the data, and meet high stakes compliance requirements.

Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
Seminar Sessions
Networking Lunch Served in the Exhibition Area

Session 2 – The Future of IAM in Enterprise

  • Defining an IAM strategy, Benchmarking Performance, Identifying and Overcoming Challenges
  • Exploring how to maintain, monitor, improve, optimise and govern IAM infrastructure
The Conference Chair Opens the Afternoon Session
Deploying IAM in the Cloud

Cloud throws up unique challenges for IAM professionals. The management of identities across domains is critical to business agility. We hear from a leading end user about how to deploy and integrate IAM with your cloud infrastructure.

Securing Agile Remote Access

The proliferation of mobile and strong consumer demand has driven many organisations to adopt an on-demand delivery model. This new reality manifests itself in a boundary-less enterprise environment.

This session looks at how enterprises can:

  • Extend their IAM infrastructure to mobile deployments
  • Implement mobile authentication, end to end security for device, apps, users
  • Monitor behavioural anomalies, preventing hacker and malware activity
  • Ensure their mobile deployment is secure through encryption and other techniques
  • Prevent data loss, enforcing security policies and compliance
  • Strengthen device and app security
Case Study: How IAM factors in Enterprise Risk Analysis and Mitigation

This session explores risk analysis and mitigation with particular reference to financial institutions.

Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
Is this the end of the road for passwords?
  • What is the future of passwords?
  • Are password managers reliable?
  • Will biometric systems replace passwords?

We explore the complexities of the much-maligned password system, and how enterprises can balance convenience with risk.

The Benefits of Access Governance for Unstructured Data

Preventing loss and leakage rests on effectively managing access and controls to large swathes of unstructured data. We look at how you can bolster protections and enable enforcement of access policies that give you a 360-degree view of all your assets.

Closing Keynote Address: Data Protection and Privacy Considerations for Cyber Security and IAM Practitioners

A multidimensional approach to IAM is one that takes into consideration data protection and privacy. Our closing session looks at how disparate security disciplines can align themselves for more effective management of cyber threats.

Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Conference Closes, Delegates Depart

Please note:
Whitehall Media reserve the right to change the programme without prior notice.