Strong & Adaptive Authentication

Harness Your Identity Analytics to Deliver Contextual Authentication

Identity Analytics (IdA) has experienced tremendous growth within the cybersecurity community. Most of the work has focused on data mining to analyze existing user rights to reduce over-provisioning and improve privileged access management systems. But what about authentication systems that must make decisions using dynamic data that is created in real-time? Steve “Hutch” Hutchinson, GE’s Principal Cybersecurity Architect, will show how you can leverage your own hidden identity analytics to create a risk engine for real-time risk-based authentication decisions. The session will demonstrate where to find data in your system silos as well as techniques to properly tag and label those attributes for efficient processing. Steve will also exhibit exciting new Machine Learning and Artificial Intelligence tools being provided in the cloud that can be used not only to enhance authentication security, but also to shine a light on risks and issues that remain hidden within mountains of data.

Key takeaways:

• Identity Analytics can be collected from existing data stores within your business, tagged and classified using knowledge from within your current IAM department, and leveraged for real-time decision-making in addition to after-the-fact access reviews.
• The use of sophisticated machine learning and artificial intelligence tools are within the realm of today's IAM developers through the use of simplified tools provided by today's cloud vendors (i.e. AWS SageMaker)
• While several third-party vendors do provide risk engines, they produce limited results (usually just high or low), do not return details on the scoring decision, and do not allow for introduction of the business's own intelligence data. As such, they can be a single useful input in a larger calculation based on more factors.
• Utilizing your own risk engine for real-time risk-based authentication decisions will improve user experience by only challenging the user when their risk profile requires it and only with the challenge type(s) appropriate to that risk.
• Risk-based authentication is a cornerstone to a robust zero-trust security framework.

Panel: Transforming Secure Access to be Intelligent

When it comes to making access decisions, it’s all about acting smart. In the speed of today’s business agility requirements, we cannot stop users at the door all the time and ask for their ID. We need to know them. Intelligent Access provides the benefit of reducing friction AND adding security to protect applications and data that are critical to the business. It provides security and convenience, considering the needs of the modern workforce. In this session we will discuss a simple process to gain visibility into the right listening posts, derive actionable insights and then drive action to protect the organization’s most valuable assets from rogue access and drive Identity and Access Assurance.