Expert Stage

  •  TYPE: Track   DATES: May 16 - May 17, 2018
Conference Tracks


Experts Stage I


Starting Real Cybersecurity Means Protecting Credentials

Date: Wednesday, May 16, 2018 Time: 11:00-12:00 Location: WINTER GARDEN

Starting Real Cybersecurity Means Protecting Credentials
Read about all the breaches and you will find one common theme, attackers used a weak credential to gain access. Organizations that learn to protect credentials in services like AD are the more likely to be secure, operate with the least risk, and ensure they meet their compliance goals. Protecting credentials is about having visibility into where they are at risk, and automating mechanisms to mitigate or even remove those risks. We will discuss where the typical weaknesses are found, how...

Evolution of security perimeter. Why IAM is becoming the last Frontier
The traditional security perimeter is proving to no longer be an effective cyber security control and fast growing technologies, such as cloud, mobile and virtualization make the boundaries of an organization blurry. For many years, organizations have protected their valuable and sensitive information by building a fence around assets, and all of the data that flowed in and out was either via a single internet access point or on physical devices. This meant that a traditional perimeter...

Policy Management – The New Challenge
After ‘user lifecycle’ and ‘role management’, governance aspects of another IAM object entered the focus of auditors: Policy Management - More and more the definition of and compliance with policies are assigned to the business layer. In addition to this, new dimensions for SoD like the ‘cooling-off’ periods in the revised MaRisk regulation are increasing the complexity for the implementation, transparency and recertification of adequate policy management...

GDPR Technology. The Next Big Bet after 25 May 2018

Date: Wednesday, May 16, 2018 Time: 12:00-13:00 Location: WINTER GARDEN

GDPR Technology. The Next Big Bet after 25 May 2018

CIAM & API Management - The New IT Dream Team!
Customer Identity & Access Management and API Management are known to be business enablers. But in combination they are even more than the sum of their parts. Key takeaways: API Management is the key technology to become part of your customers' digital ecosystem Most important actors of an API Management solution are external developers Customer Identity & Access Management and API Management accelerate each other

The Business Value of CIAM and how to measure it
As global competition continues to intensify and customer expectations keep rising, companies are increasingly looking for ways to win and keep customers happy. Many companies are realizing that keeping a customer happy in this hyper competitive world means serving her in a very personalized manner while protecting her identity. As companies strive to become more customer centric, some of them have started to see the critical role customers’ digital identity can play. In this...

Experts Stage II


The 5 Deadly Sins of Privileged Access Management

Date: Wednesday, May 16, 2018 Time: 14:30-15:30 Location: WINTER GARDEN

The 5 Deadly Sins of Privileged Access Management
For years, security experts have outlined the best practices for privileged access management in an effort to reduce problems associated with the abuse of privileged credentials. Despite this, IT organizations continue to struggle with privileged access management. Take a look inside any large enterprise and you’ll likely find that passwords are still not under complete control, users with administrator privileges are still causing problems and far too many system vulnerabilities open...

Best Practice in Privileged Access Management
In a time of rapid digital transformation, a lot of organizations face challenges managing privileged accounts. To strictly control, protect, monitor, and manage them, such companies use Privileged Account Management (PAM). Typical stipulations for the handling of privileged identities and users as well as accounts can be found in industry-specific standards as well as in regulations and laws. Stricter legal regulations and regulatory standards require aggregation of data and event...

Reducing Downtimes While Increasing Security in Industrial Systems with PAM
The most interesting topic for plant managers and industry responsible are how to reduce downtime and how to protect industry systems for attacks. In this presentation we will go through hints how PAM (Privileged Access Management) solution can help to reduce downtimes of industry machines while increasing the whole security. PAM as an alternative to VPN and older remote access solutions.

It’s time for IAM to Grow Up! 3 Steps to an Evolved Identity Strategy

Date: Wednesday, May 16, 2018 Time: 15:30-16:30 Location: WINTER GARDEN

It’s time for IAM to Grow Up! 3 Steps to an Evolved Identity Strategy
Digital transformations. Identity assurance. Risk-based IAM…We hear a lot of exciting buzzwords and “trends in IAM” today, however, the reality is that many organizations are struggling to take their identity strategy beyond the basics of simple access requests, user provisioning, and basic 2FA for a few privileged users. It’s time for IAM to grow up to meet the security and regulatory demands of today and future-proof for tomorrow. In this session, you will learn...

Empower IAM to Serve your Business Needs
The distributed world we’re living in requires a new style of IAM, flexible enough to quickly adapt to ever changing requirements, without impacting the applications infrastructure in use. Allow internal and external users seamless access to local, mobile and Cloud services from multiple devices, using IDs and credentials from various sources. Consumers are increasingly using their social IDs to access services and resources. You need to be able to reach your users through any...

Measuring the success of Governance
If your organisation is not currently measuring the success of Identity and Access Governance (IAG), you are not alone. Some organisations labour under the illusion that their IAG is working well, simply because they have been lucky enough to avoid any major issues. Others might attempt to measure the impact of IAG on risks such as data breaches but this does not extend to what matters most to the business - growth. Building a business case with tangible ROI metrics for ongoing IAG is a...

Extending OAuth2 to meet PSD2 Identity Security Requirements

Date: Wednesday, May 16, 2018 Time: 17:30-18:30 Location: WINTER GARDEN

Extending OAuth2 to meet PSD2 Identity Security Requirements
The new Payment Services Directive 2 is compelling European banking actors to open their services to outside partners. Most banking actors were not fully ready for the exposition of the services that were, until then, strongly kept for inside use. Some initiatives such as Open Banking(UK) and STET(FR) have established OAuth2 as the main standard for authentication, authorization and user consent. However all requirements cannot be directly addressed by the current state of the...

PSD2 Finally Enforced – Here is How to Get Started
PSD2 will revolutionize the portability of Identity not only for the banking industry but for everyone. While the intent is to increase participation in the payments industry but architecting for PSD2 will change the way consumer identity is shared, protected and self-managed. In this session, we will explore the requirements of PSD2, best practices for achieving these requirements and we will demonstrate a testbed for PSD2 that can enable fast adoption.

The Customer: Your New Boss Under the GDPR
In an era of fake news, data breaches, and the GDPR, earning consumers’ trust is a “must.” Come to this session to discover the SAP Customer Data Cloud from Gigya, your comprehensive solution for capturing consent and preferences, enabling customer control of personal data, and turning consumer data privacy into your market advantage.

Experts Stage III


From Blind Spots to Full Overview – Access Governance in Cloud and Hybrid Scenarios

Date: Thursday, May 17, 2018 Time: 11:00-12:00 Location: WINTER GARDEN

From Blind Spots to Full Overview – Access Governance in Cloud and Hybrid Scenarios
In the recent past we have seen serious data breaches on cloud platforms and in cloud apps, based on inappropriate partner access rights or misconfigured permissions. This is a clear confirmation that many companies still need to work on extending their governance procedures to the cloud and to partner and customer user populations. In this session you will get the details on how to address the challenges related to a hybrid IT environment, where employees, partners and customers are using...

Redefining Identity Governance for the Digital Era
Digital transformation and cloud initiatives are driving business and technology innovation. Identity Governance plays a critical role in achieving security and compliance, while business adopts innovative technologies. Learn how to secure your digital business and manage "digital risk" with next generation Identity Governance solution.

So I've bought that Identity Governance tool. Now how do I start?
In this session, Hans-Robert Vermeulen, senior solution engineer for SailPoint, will be discussing what it takes to successfully deploy an identity governance solution, including what foundation needs to be in place as well as what common technical and business pitfalls you may encounter along your identity journey. The session will conclude with best practices for ensuring the successful roll-out of your identity governance program within the first 3-4 months of deployment.

Identity Solved. What Next? Tackling your Toughest Authorization Challenges

Date: Thursday, May 17, 2018 Time: 12:00-13:00 Location: WINTER GARDEN

Identity Solved. What Next? Tackling your Toughest Authorization Challenges
Over the last decade, IT has grown from being a support function to being at the core of any business. Car manufacturers are morphing into transportation service industries; IoT and mobile has evolved from a luxury item for the executive few to an indispensable accessory. Everything is digital: plane tickets, ledgers, medical records, bank accounts, education, credit checks, and even votes in some places. With so many digital services being offered, so much data being generated, and so...

Authorization for the IoT: The OAuth Device Grant Flow
OAuth is well established as the go to protocol for API security, but there are still a few application types out there that struggle to securely fit into the OAuth story. This includes devices where user input is tricky, where data entry uses a tv remote control, and everyone gets to see you slowly type in your password. Or devices where there is no browser, where the dreaded Resource Owner Password Credentials grant type still reigns. Finally, there is a solution, with the all new...

From Silos and Warehousing to Just-in-time: Disclosing Entity Relations
Even though it may currently seem that solving GDPR challenges is all we need to take care of - there are a few more challenges related to IAM and its infrastructures that need to be solved, whether related to Consumer or Enterprise Identities or IoT Devices and many more contexts. For sure, there is no 'one size fits it all' solution, but some of the technologies and new paradigms will help shaping tomorrows landscape and its view on identities Key Takeaways: why on-premise...

Experts Stage IV


Afraid of Ransomware? How to Best Protect Your Enterprise

Date: Thursday, May 17, 2018 Time: 14:30-15:30 Location: WINTER GARDEN

Afraid of Ransomware? How to Best Protect Your Enterprise
Ransomware has hit many organizations in the past years. Everyone should be afraid of and prepare to not become a victim of such attacks. While there are many client-side tools that promise to protect against malware, including ransomware, not all these solutions are enterprise-ready. Enterprise Readiness requires centralized management and auditing capabilities, to provide control about the various endpoint platforms. In this session, John Tolbert will look at the requirements for...

Mobile Identity & API Security

Minimize Security Risks and Maximize Opportunities in Industrial IOT
Countless manufacturers, utility companies and factories are in the process of connecting billions of devices and things to the internet to gather data, are needed to improve overall operations and efficiency. Even though many of today's assets are not designed to be digitally connected to the internet, the security of factories and plants must be top of mind. Solving this challenge without compromising security becomes a competitive advantage (in manufacturing). In this presentation you...

Simplify Cloud Access and Provisioning with a Federated Identity Service

Date: Thursday, May 17, 2018 Time: 15:30-16:30 Location: WINTER GARDEN

Simplify Cloud Access and Provisioning with a Federated Identity Service
Cloud applications like Office 365 are today’s business essential. However, simply federating access is not enough to deliver Office 365 or the larger world of the cloud; you need to provide a consolidated, global view of identity to support this access layer by federating your identity layer as well, rationalizing identity from across disparate directory silos. This expert session will discuss how a federated identity service simplifies the move to Office 365 and other cloud apps...

Can Access Management Drive Cloud Transformation?
The OneLogin Unified Access Management Platform is purpose-built for hybrid customer environments. Historically, a customer’s only option has been building a cumbersome, multi-vendor, prohibitively expensive solution. With OneLogin, companies can now modify access privileges across all applications in real time vs. days or weeks, and slash access management costs by 50% or more — all with a single Unified Access Management Platform. This platform unifies access management not...

Digital Identity Authorities - the Key to Enterprise Cloud Transformation
Managing digital identities and access control for users, applications and things remains one of the greatest challenges facing cloud computing today. This has led to a new cloud security service paradigm that requires your organization to reevaluate the criteria for designing and implementing identity and access management (IAM) services across data centers, and private and public cloud infrastructure. This new criteria addresses the continued transformation to the cloud, mobile and...

Date: Thursday, May 17, 2018 Time: 17:00-18:00 Location: WINTER GARDEN

Stay Connected

KuppingerCole on social media

Munich, Germany


European Identity & Cloud Conference 2018

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
  • May 15 - 18, 2018 Munich, Germany


The European Identity & Cloud Conference 2018 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00