Best Practices I

  • TYPE: Combined Session DATE: Wednesday, May 13, 2020 TIME: 15:30-16:30 LOCATION: AMMERSEE II


Cyber Security traditionally has been seen as the domain of Technology, with an expectation that the solution has also to be provided by IT – and we happily accepted this challenge and delivered with numerous Software and Hardware solutions, design and development principles, policies and process controls.

However, as most successful cyber-attacks in recent time have started by targeting users (with phishing emails or social engineering), raising awareness of their role in mitigating cyber risks is even more important than just a technical solution.

This short presentation will highlight ideas and strategies but also potential pitfalls in delivery of awareness programs and trainings to turn your users into the most important line of defence in cyber security.


In 2019 Kashif Husain joined the Frankfurt office of Nomura, a Japan headquartered financial services group present in over 30 countries. In addition to his role as Information Security Officer, Kashif has also taken over Technology Governance responsibilities for the Continental European...

Picture this: you work at an enterprise, with a traditional IT organisation, mostly comprised to people that have been with the company for many years and manages lots of Personal and Non Personal Accounts on multiple platforms. There is this new thing called DevOps and it seems to match the Scrum methodology your developers like. So you decide to reorganize to DevOps. Some of your older employees don't want to make the transition with the attached challenges to the way they work and decide to take an early retirement This forces you to source some of the technical support functions to your offshore ventures in Eastern Europe. At the same time you want to make the new DevOps teams responsible for the entire stack, spreading the responsibility for account management to multiple teams. And after blinking twice you suddenly find you have several thousand of Non-Personal Accounts around that nobody seems to own or know what they are for. And nobody dares to delete them, because maybe you need them for some process that runs only once a year. Obviously this would never happen to you, right? But it happened to us and it could happen to you too!
In this talk, we explain how we drained the swamp and got back in control over our NPA's. It involves good old fashioned detective work, password vaults, smart repositories connecting different data sources, some automation and some bold decisions.

Key takeaways:
Understand the steps you need to take to get back in control
Understand where responsibility should be and why
Understand some of the tooling and automation you can use


Jan-Joost stumbled into IT almost 20 years ago, starting on a temp job for 5 days that lasted 7 years. During these 20 years he has been mostly on the functional and process side of things, having worked as tester, designer, information analyst, project manager, application manager, change...

Léon Janson has been working within Risk management and IT at ING since the late nineties. He started at Credit Risk management where he developed and implemented a world-wide Credit Risk Reporting datawarehouse. Next he managed several IT Operations teams within the Retail bank. During...


Quick Links

Become a Part of It!

And get your early bird discount

Stay Connected


Munich, Germany


European Identity & Cloud Conference 2020

Registration fee:
€1600.00 till 15.04.2020
$2000.00 till 15.04.2020
S$2560.00 till 15.04.2020
23100.00 kr
17600.00 kr till 15.04.2020
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 12 - 15, 2020 Munich, Germany
Attendance Opportunities


The European Identity & Cloud Conference 2020 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00