- TYPE: Expert Talk DATE: Wednesday, May 16, 2018 TIME: 11:00-12:00 LOCATION: WINTER GARDEN
Read about all the breaches and you will find one common theme, attackers used a weak credential to gain access. Organizations that learn to protect credentials in services like AD are the more likely to be secure, operate with the least risk, and ensure they meet their compliance goals. Protecting credentials is about having visibility into where they are at risk, and automating mechanisms to mitigate or even remove those risks. We will discuss where the typical weaknesses are found, how they are exploited, and methods you can apply to ensure you are as secure as possible.
The traditional security perimeter is proving to no longer be an effective cyber security control and fast growing technologies, such as cloud, mobile and virtualization make the boundaries of an organization blurry.
For many years, organizations have protected their valuable and sensitive information by building a fence around assets, and all of the data that flowed in and out was either via a single internet access point or on physical devices. This meant that a traditional perimeter was an effective measure as the boundaries were known. As long as the internet access was controlled by the data that flowed through it, it was possible to protect, monitor and control that data.
Organizations protected internet access with firewalls, VPNs, access controls, IDS, IPS, SIEMs, email gateways, and so forth, building multiple levels of security on the so-called perimeter. On physical devices, systems management and antivirus protected those systems and kept them updated with the latest security patches.
This is a traditional security approach, used for nearly 30 years. However, in today’s world it is no longer effective alone. The perimeter has moved and we need to move with it.
During this session, attendees will learn about how identity and access management is evolving fast and becoming the new security perimeter.
- Why the traditional perimeter is no longer effective
- What hacker techniques are being used to compromise organizations
- What some governments are doing to protect their citizens
- Technologies that will help create the new cyber security perimeter
After ‘user lifecycle’ and ‘role management’, governance aspects of another IAM object entered the focus of auditors: Policy Management - More and more the definition of and compliance with policies are assigned to the business layer. In addition to this, new dimensions for SoD like the ‘cooling-off’ periods in the revised MaRisk regulation are increasing the complexity for the implementation, transparency and recertification of adequate policy management concepts. The presentation illustrates common aspects of SoD, current trends in policy management and predictions to future developments.
- Registration fee:
- Contact person:
Mr. Levent Kara
+49 211 23707710
- May 15 - 18, 2018 Munich, Germany