Early-bird Discount
expires in
Register Now

Agenda

Cloud Security

Cloud Security

Combined Session
Wednesday, June 05, 2024 17:30—18:30
Location: A 05-06
Log in to download presentations

Is Your Cloud NIS2 Ready?
17:30—17:45

Watch the video

 

With the European Union's Network and Information Security (NIS2) directive being in effect in October 2024, it is estimated that 40000 German companies do not realize they must comply with the directive. One of the big questions is how companies could prepare for the NIS2 Directive, especially if they are using cloud-native infrastructures. The talk will discuss on what are the steps needed to make the clouds to be ready for NIS2.

Dr. Muhammad Ihsan Haikal Sukmana
Chief Product Officer
Mitigant
Dr Muhammad Ihsan Haikal Sukmana is co-founder and Chief Product Officer of Mitigant, a cybersecurity startup focused on cloud security and cyber resilience. He received his doctorate at Hasso...
How to Adopt Passkeys for B2C in Regulated Markets
17:45—18:00

Watch the video

 

There is no need to insist on the benefits of passkeys in terms of UX, security and even cost reduction. Together with their widespread availability on all kinds of platforms, it is a no brainer that any digital service provider should jump on to implement support for them.

A different question is how.

For financial service providers, this question is particularly relevant. Among the many things to consider are:

  • the critical nature of the assets they protect
  • financial regulations they need to comply with
  • legacy authentication solution that passkeys will have to replace or coexist with
  • the scale of their deployments
  • diversity of their user base in terms of approach to technology and channels available to access their services
  • their adjacent technologies for fraud reduction
  • integration with their CIAM infrastructure


Financial institutions (FIs) should embrace passkeys wholeheartedly, but there are many legitimate questions on how to do so. Based on our talks with FIs of all sizes worldwide since passkeys were announced mid last year, this session aims to address some of these questions.

Pedro Martinez
Business Owner of Digital Banking for Identity and Access Management
Thales
Pedro Martinez is the Business Owner of Digital Banking for Identity and Access Management at Thales. He is focused on business strategy and roadmap development, as well as ecosystem alliance for...
API Security and Management: Market Overview, Current Trends, Future Developments
18:00—18:15

Watch the video

 

From what used to be a purely technical concept created to make developers’ lives easier, Application Programming Interfaces (APIs) have evolved into one of the foundations of modern digital business. APIs are now powering the logistics of delivering digital products to partners and customers. Almost every software product or cloud service now comes with a set of APIs for management, integration, monitoring, or a multitude of other purposes.

This evolution only continues to accelerate. As new digital transformation initiatives across various industries emerge, diverse business models are reshaping the technical requirements for API development and operations dramatically. New standards, technologies, and development methodologies introduced by the need to support numerous use cases have also introduced additional complexity to existing API management platforms.
REST APIs are still commonly used today, but they are increasingly augmented or displaced with a variety of alternative protocols and standards, such as GraphQL or gRPC. In fact, the industry is evolving so fast that API management solutions in their traditional sense, like API gateways, can already be considered IT legacy products.

In a sense, API security has long become an industry of its own; with the scope of risks and challenges the industry confronts growing exponentially, API security solutions have to expand their coverage and grow in complexity themselves. Providing comprehensive protection against the broad range of API-specific threats and doing it consistently throughout the whole lifecycle of an API is complex. In this session, the results of our latest market research will be presented, helping you to understand the critical capabilities and to select the right solution for your specific problems and requirements.

Alexei Balaganski
Lead Analyst & CTO
KuppingerCole
Alexei is an analyst with specific focus on cybersecurity and Artificial Intelligence. At KuppingerCole, he covers a broad range of security-related topics: from database, application and API...
Cloud Security Alphabet Soup
18:15—18:30

Watch the video

 

Is securing your cloud security different from securing other forms of IT? You would think so from the alphabet soup of acronyms around the subject.
Organizations are exploiting cloud because they help to accelerate business changes without the need for capital expenditure or lengthy procurement delays to obtain hardware. However, the dynamic nature of cloud services creates new security challenges that need a dynamic approach to governance and security controls.
In addition, the responsibilities for security and compliance are shared between the CSP (Cloud Service Providers) and the cloud customer and it is up to the customer to ensure that they use the cloud in a secure and compliant manner. On top of that each cloud service provides its own proprietary tools for security. KuppingerCole Leadership Compass on CNAPP will help you to make sense of this.

How can an organization be sure that it is using cloud services securely and in a way that meet its compliance obligations and its appetite for risk? This presentation will provide an overview of the risks and how these tools can help.
After attending this presentation, you will be able to:

  • Describe the major risks related to the way organizations use cloud services.
  • Explain why cloud services need dynamic rather than static controls.
  • List the different kinds of tools (and their acronyms) that claim to manage these risks.
  • Describe the main functionality that a CNAPP solution should provide.

Mike Small
Senior Analyst
KuppingerCole
Mike Small is the retired director of security management strategy of CA, where he was responsible for the technical strategy for CA's security management software product line within Europe,...
Almost Ready to Join EIC 2024?
Reach out to our team with any remaining questions
Get in touch