How to avoid internal Fraud I

  • TYPE: Combined Session DATE: Wednesday, April 23, 2008 TIME: 15:00-16:00 LOCATION: Solaris


Most financial institutions nowadays have sophisticated risk management tools in place, maybe even profiling traders and their habits, searching email traffic for keywords which might be worth checking for fraudulent activities, and much more. But what sense would all that make, if authorizations and priviliges are not provisioned or, more important, de-provisioned in time, and if access to internal applications is not secured with strong authentication and even biometric identification? If banks don't leave the doors of their bullet-proof safes open - why do they leave access to applications open, where billions of Euros can be moved to places where they are not supposed to be moved to?

Cases like the recent one at Société Générale show that internal risks can only be kept at a manageable level through an integrated Enterprise GRC & Identity Management strategy. This panel will highlight and discuss various types of internal threats and mark the key points of such a strategy eliminating these threats.


Calum MacLeod has over 30 years of expertise in IT, with the majority having been spent in networking and security. Following several years working in the financial sector as a security specialist he has served as a security consultant to organisations such as the European Union, European Police...

Jaap Scheepstra has more than 8 years experience in Identity & Access Management, business role based access, IAM audit, federation, strong authentication, PKI, provisioning, access management, compliance and information security. He worked in national and international projects in the...

Terry Schoen is Entrust’s European Business Director for Fraud Detection & Consumer Authentication. With over 20 years international security software technology experience Terry is responsible for the European expansion of Entrust’s innovative fraud prevention solutions. Terry...

Named one of Infoworld's Top 25 CTO's of 2006, David has more than 20 years of experience in developing advanced imaging software and systems for high security, high-availability systems. Prior to founding Imprivata he developed biometric applications for government programs and web-based...

What is necessary to track down manipulations to (financial) applications? How can regulatory compliance be audited and monitored in a cost-sensitive yet effective way? Dr. Boehmer has worked on a model for automated monitoring of the fulfillment of legal, institutional, and organizational requirements, which he calls "compliance analysis". In contrast to classic methods used for safeguarding corporate networks, which can primarily be described using first order logic calculus, e.g. through signatures or patterns and rule systems, methods used by knowledge-based systems (data mining) are more advisable in the case of compliance analysis. Boehmer´s model is borrowed from criminology and is referred to as compliance profiling.


Wolfgang Boehmer works as an external scientist at the TU-Darmstadt presently. His research focus on risk and security-management systems and their analytical description as well as their modeling with mathematical methods with MATHEMATICA. As a free Consultant he supports companies from all...

Log in to download presentations:  


Session Links


European Identity Conference 2008

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Ms. Bettina Buthmann
+49 211 23 70 77 23
  • Apr 22 - 25, 2008 Munich