Governance; Privilege Management

  • TYPE: Combined Session DATE: Wednesday, May 16, 2018 TIME: 15:30-16:30 LOCATION: ALPSEE


In most organizations, Privilege Management (Privileged Access Management, Privileged Identity Management, etc.) is still considered being a distinct technical discipline within IAM. On the other hand, we observe more and more organizations thinking about how to connect Privilege Management with Access Governance. There are good reasons to do so: Every privileged account must have an accountable manager. And if that manager changes his job, ownership must change as part of the "mover" process. There is the need for recertification of privileged accounts and their ownership. Privileged accounts also should be well-managed during application onboarding.

Unfortunately, it is not that easy to marry Privilege Management and Access Governance. This session will look at the use cases and processes, but also the state of technical integration.


It is critically important to know how cyber criminals target their victims, what you can do to reduce the risk and make it more challenging for the attackers who steal your information, your identity or your money. It explains how outside attackers or malicious insiders can exploit vulnerabilities using examples such as a compromised email account password that escalates into a full-blown breach of network security.

Compromising a privileged account, therefore, can be the difference between a simple network breach and a cyber catastrophe. When a single system is compromised, it is typically easier to mitigate, isolate, and eradicate the risk and restore control. When a privileged account is breached, it can lead to a major disaster. That’s because when a privileged account gets hacked, it allows the attacker to impersonate a trusted employee or system and carry out malicious activity without being detected as an intruder. Once attackers compromise a privileged account, they can typically roam at will through an IT environment to steal information and wreak havoc. By describing the anatomy of a privileged account hack, we will show how cybercriminals target their victims, what you can do to reduce your risk and prevent abuse of your critical information assets.

Key Takeaways:

  • How Hackers Target their Victims.
  • The key steps and techniques hackers use to gain access
  • Key Security Controls that reduces the risks


Joseph Carson is a cyber security professional and ethical hacker with more than 25 years’ experience in enterprise security specializing in blockchain, endpoint security, network security, application security & virtualization, access controls and privileged account management. Joseph...

In enterprise IAM, the classical boundaries between different types of users are blurring. IAM teams that have been dealing with office employees and subcontractors for years are realizing that factory personnel, partner companies or consumers need access to on-premises and cloud-based resources. What is the right approach to manage these different user populations? How can we get from silo approaches to structured enterprise IAM? How can scalability and governance be achieved? After a short introduction to the challenges, the panel discussion will lay out the potentials and limits of a comprehensive corporate identity platform. The panelists will argue how a transition to this platform can be achieved in the best way. They will dispute the major governance requirements and the most important IAM features required to achieve scalability.

Key Takeaways:

  • The audience will learn what the potentials and limits of a corporate identity platform are.
  • How to create a strategy for achieving comprehensive and structured enterprise IAM.
  • What are the relevant governance questions?
  • How to use appropriate IAM features to master the management of many different types of users with different demands.


Dr. Kuhlmann plays a key role in the continued development Omada’s solutions, including the award-winning Omada Identity Manager solution that is built entirely on the Microsoft platform and integrates with Microsoft Identity Lifecycle Manager to provide a robust solution for Compliance...

Ivaylo Markov is an IAM consultant in PATECCO. He has a strong technical background more than 10 years in the field, focusing on large enterprises in the banking and energy sector. He has a deep technical experience and knowledge of the processes and technologies in the private and public cloud....

Jonathan Sander is the Chief Technology Officer (CTO) at STEALTHbits Technologies . As CTO, he is responsible for driving technical innovation, ensuring that STEALTHbits is well positioned in their current and emerging markets, and leads corporate development efforts. Jonathan is an information...

Log in to download presentations:  


Session Links

Munich, Germany


European Identity & Cloud Conference 2018

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 15 - 18, 2018 Munich, Germany