Authentication Trends

Combined Session

Tuesday, September 14, 2021 17:30—18:30

Location: ALPSEE

The onslaught of account takeover attacks from insecure passwords is driving the rapid adoption of passwordless solutions. While the risk reduction benefits are substantial, eliminating passwords is just the first step on the path to fundamentally strong authentication. In the “new normal” era of work from anywhere, and rapidly increasing cloud adoption, organizations are moving to a new risk-based authentication model. Advanced organizations are validating users, their devices, and inspecting the security posture of the device for each login. Strong and continuous authentication is a fundamental building block of Zero Trust. Learn how you can make it happen without making the user experience miserable.

Discussion topics include:

New cybersecurity and identity management requirements in the post COVID era
Traditional MFA vs Passwordless - avoiding the “security vs. painful user experience” tradeoff
Device trust and the confluence of cybersecurity and identity management
Continuous risk-based authentication

Takeaways:

Account takeovers and other attacks have increased as a result of distributed working - adopting a solution that removes passwords removes most of the risk
MFA has evolved beyond the traditional “password + SMS + pin” approach
CISO’s and IT no longer have to trade increased security for user convenience
Modern devices allow organizations to leverage the Secure Enclave / Trusted Platform Module for increased security
Continuous, risk-based authentication is a key factor in identity and access management

Patrick McBride

Beyond Identity

Patrick has served as CMO of ZeroFOX and Claroty, as VP of Marketing at iSIGHT Partners and Xceedium, VP of Compliance at Scalable Software, Co-founder and CEO of META Security Group, and...

Read Bio

Traditional IAM models have focused on users, policies, and roles, which met the needs of web applications in years past but as application development has evolved to APIs, an innovative approach to identity management is required. It is no longer just users, roles, and permissions. APIs must be integrated into the identity and access management framework to ensure adequate governance and security.

Within an API there is a requestor (often on behalf of a user), a service (API), and the data that is being passed. All these entities in the transaction require unique identity and authorization; without identity, compliance and enforcement mandates cannot be met effectively and without authorization, there is a free-for-all on your APIs reminiscent of Cambridge Analytica and Facebook.

In this session, we will look at how rapid digitalization (first and third-party APIs + multi-or hybrid-cloud environments) has complicated security efforts, the role of API integration in data governance, and how companies can best navigate the heightened cyber-threat environment we find ourselves in today.

- Why API security requires more than traffic policy management and course-grained enforcement.
- Why APIs need to be integrated into the identity and access management framework to ensure adequate governance and security.
- How companies can reduce the burden on developers to allow for a proactive approach to API security instead of reactive.

Nathanael Coffing

Cloudentity

Nathanael is a CyberSecurity visionary who’s spent the last decade focused on improving the security posture of the identity by integrating Cyber signals into the authentication and...

Read Bio

Gal Helemski

PlainID

Gal is a recognized specialist in cyber security with specific focus on identity and access management. In the past 16 years she has defined solutions to customers, wrote the project specs,...

Read Bio

David Martinache

Wavestone

David is a consultant specialized in identity and access management for the last 8 years. He supports major companies in their digital transformation by helping them rethink their authentication...

Read Bio

Fabian Süß

KuppingerCole

Fabian joined KuppingerCole‘s Events Team in July 2021 as a Project Manager, with a focus in Content and Agenda for the Cybersecurity Leadership Summit. He holds both a M. Eng. in...

Read Bio

Identity management is critical for digital transformation and continues to evolve and gain importance as the business environment changes in today's hyperconnected world, where employees, business partners, devices, and things are all tightly interwoven. Deploying an identity security solution – regardless of your business size or industry is a fundamental requirement today to facilitate secure communications and reliable transactions.

This panel explores identity security strategies that enable your business to take full advantage of your solution’s capabilities.

Yvo van Doorn

Auth0

As Senior Solutions Engineer, Yvo van Doorn is a technical expert for Auth0 customers seeking to understand the benefits of identity and cloud. He has more than a decade of system administration...

Read Bio

Oliver Krebs

Onfido

Oliver Krebs is GM EMEA region at Onfido. Oliver has over 26 years experience leading growth and operations teams to deliver maximum profitability, efficiency and customer satisfaction; connecting...

Read Bio

Martin Kuppinger

KuppingerCole

Martin Kuppinger is Founder and Principal Analyst at KuppingerCole, a leading analyst company for identity focused information security, both in classical and in cloud environments. Prior to...

Read Bio

Authentication Trends

Going Passwordless and Beyond - The Future of Strong Authentication

Panel: APIs - Where Security Meets Identity Management

Panel: Prioritizing Identity - Identity-Centric Security Strategy

Tickets