Event Recording

The Decentralized Identity Journey has Begun in Financial Services

Show description
Speakers
Darrell Geusz
Product Lead
Ping Identity
Darrell Geusz
Darrell Geusz has 25 years of experience in identity, credentialing and access management (ICAM) systems and solutions for both the public and private sector. Darrell managed his first mobile identity solution in 1997. Darrell is product lead...
View profile
Yaron Zehavi
Senior Enterprise Architect
Raiffeisen Bank International AG
Yaron Zehavi
Yaron Zehavi has 20 years of experience designing and developing technology solutions. Yaron has been focused on the financial services sector since 2004. Yaron is Customer IAM lead overseeing the needs of digital platforms deployed in 12 banks across Europe serving...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Trust Inspiring CIAM – Essentials for a Secure, Experience-Driven Digital Business
May 12, 2023

Confusing Customer Identity Management (CIAM) with traditional Enterprise IAM comes at a high price: Applying internal regulatory compliance requirements and heavy security challenges to customer-focused interactions could easily limit user experience in a way that it measurably affects your digital business success, with dropped or interrupted transactions. Building Identity & Access around your customers' needs requires a profoundly different approach, which is on the one hand a trust-driven interaction experience with your brand, and on the other hand, complies with KYC and Cybersecurity requirements. In this session, we will give you an overview on the current state of CIAM and future developments you should include in your considerations before deciding on how to move forward.

Event Recording
Managing Your Enterprise Security Posture to Avoid Web3 and Smart Contract Breaches. Practices & Lessons for Enterprises with Case Studies
May 11, 2023

Web3 is a revolutionary changing aspect of technology in the current era but protecting Web3 will be a challenge considering how smart contracts are challenging. New businesses utilizing blockchain technology are more focused on business while their different assets need eyes, such as the most vulnerable DApps and Web3 services.

Decentralized applications, commonly referred to as dApps, are not controlled by a single point of authority. Instead, they run on a blockchain or a P2P network, making them more complex and riskier than traditional applications.

In this talk, we'll discuss how hackers are utilizing their techniques to attack web3 and smart contracts and what are best practices for enterprises to prepare for the challenge.

Event Recording
Identity in the C-Suite? The Role of the Chief Identity Officer
May 11, 2023

Whereas our Privacy and Security peers have top executive-level access and presence as well as often Board-level access, Identity typically does not.

Should that continue to be the case? Are the conditions right for the establishment of a Chief Identity Office… and is that even a good idea?

In this panel, Drs. Jacoba Sieders, Denny Prvu, and Ian Glazer will debate the pros and cons of the notion of a Chief Identity Officer role. Topics will include:

  • What would the value of such a role be? And how is such a role measured?
  • What would the responsibilities of said Officer be and what is the role’s remit? What are its boundaries?
  • What questions should the Board and C-Suite be asking? What should they know about identity that they don’t today?
  • How would such an Officer quantify the value of the identity infrastructure to the business?
  • Does the need for the role differ based on industry sector and geography?
  • How would this role fit with the Chief Digital Officer, Information Security Officer, and Privacy / Data Protection Officer?
  • And how would this make things better for the digital identity practitioner and the industry as a whole?
Event Recording
A Sovereign Cloud for the German Government
May 11, 2023

You will learn about the Sovereign Cloud for the German Government, this solution is based on Azure and operated by Delos Cloud Gmbh

Event Recording
Passwordless Primer
May 10, 2023

Passwordless authentication counts amongst the hot topics in IAM. In this session, the variants of passwordless authentication will be explained. Phishing resistance, device binding, secure elements, and many of the other technical aspects will be explained, put into context, and rated regarding their relevance for different use cases. The session also will discuss use cases and their specific needs, from simplified access to office solutions to a unified passwordless authentication for the entire IT environment.

Event Recording
B2B IAM: A Gap Between Modern Demands and Current Practices
May 12, 2023

Most enterprises nowadays need to grant access to multiple business partners daily as they heavily rely on online interactions (online relationships) with one another. 

Thus, an ever-expanding, interconnected digital ecosystem emerges, the complexities of which frequently result in operational inefficiencies, security risks, increased administrative costs, and unintuitive user experiences. 

These challenges are long lived in the B2B identity management space. Yet still today, many organisations continue to struggle using outdated, homegrown and oftentimes error prone centralised IAM systems.  

This session will unwrap modern, decentralised solution trends in the fast-growing segment of IAM using real-life use cases. It will also explore best practices for digital access and delegation management for business partners - seamlessly and securely at scale. 

 

Event Recording
Celebrating a Digital Age to Advance Digital Stages of Necessity
May 11, 2023

Samuel Devasahayam will discuss the past decade of identity sights through Microsoft’s lens, demonstrating that security in a digital age remains valuable, and detailing what these insights imply for the next decade to continue building customer trust and resilient infrastructures.

Event Recording
The Path to Passwordless is Paved with Orchestration
May 10, 2023

End-users have become accustomed to shopping, dining, traveling, learning, and caring for their health in an ever-more-digital fashion. Unfortunately, bad actors have put personal data at greater risk by perfecting a loop of using previously breached data to drive new data-rich breaches. We’ll examine:

  • The newest standards that help render stolen passwords worthless for launching new attacks
  • How to apply an identity-layer signal of signals, unifying systems of intelligence
  • Ways to match enhanced security with superior user experience
Event Recording
Validating the Security of Mobile Authentication Apps
May 10, 2023

You are shifting through RFIs for a new mobile app based multi-factor authentication solution for your company. The vendors claim that their products are 100% secure and we all know that there's no such thing as a 100% secure solution, but it's marketing and you know how marketing sometimes goes overboard. How do you determine if the solution is actually fit for your appetite for risk? Can you be sure development time dev credentials have been cleaned up? Is the rooting detection any good? Does the app store plaintext credentials? Is it vulnerable or can someone build a scalable attack against the product you are about to acquire to protect your crown jewels? Let's take a look at different options out there and talk a little bit about what you can request from the vendors.

Event Recording
Identity Fabrics Maturity Levels
May 10, 2023

The term “Identity Fabrics” stands for a paradigm and concept of a comprehensive and integrated set of Identity Services, delivering the capabilities required for providing seamless and controlled access for everyone to every service. Identity Fabrics support various types of identities such as employees, partners, consumers, or things. They deliver the full range of identity services required by an organization.

Identity Fabrics are not necessarily based on a technology, tool, or cloud service, but a paradigm for architecting IAM within enterprises. Commonly, the services are provided by a combination of several tools and services, with up to three solutions forming the core of the Identity Fabric. Most organizations that are using this paradigm as a foundation for the evolution of their overall IAM tend to build on a strong core platform for delivering major features and complementing this by other solutions.

We will look at what must be in every Identity Fabric, and how to evolve from a foundational Identity Fabrics approach towards a higher level of maturity. The session will look at concrete capabilities per maturity level and service group within Identity Fabrics.

Event Recording
Weaving a Standards Framework for Non-Human Identities
May 11, 2023

We entrust workloads and devices with our most sensitive data, giving them access to far more information than the human on whose behalf it operates, if it is even operating on behalf of a human. Yet, managing these non-human identities and applying Zero Trust Policies to them is a Herculean task complicated by a heterogenous technology landscape, amplified by multi-cloud/multi-hybrid environments, exacerbated by critical skills shortages and magnified by exponential growth in workload and device identities.

It's the kind of problem standards excel at solving by creating interoperability layers between heterogenous environments, codifying the wisdom of the crowd to alleviate pressures on rare skills, and creating eco-systems of interoperable solutions that meet a common security bar.

Fortunately there are already several standards efforts that can help us manage non-human identities. But how are all these efforts related and how to we avoid replacing a patchwork of heterogenous solutions with a patchwork of heterogenous standards? Is it possible to craft a standards framework and connect all these efforts in a single identity trust fabric, and is that desirable? If we had such a framework, what would it look like?

In this talk we explore the benefits of weaving a standards framework for non-human identities by bringing together more than 18 standards from at least 7 standards bodies while identifying opportunities to align and connect them all to solve the emerging challenge of managing non-human identities at scale.

Event Recording
Cyber Insurance: Results from a Recent Survey
May 12, 2023

After several tumultuous years, the cyber insurance safety net is in question as costs rise and coverage contracts. Research conducted with IT security professionals to understand the real-life experiences companies have in obtaining and using cyber insurance.In this session we’ll unpack the survey findings and put them in context. Join the discussion to prepare for your next cyber insurance assessment so you end up with coverage and rates that accurately reflect your organization’s risk profile.

Joe Carson will talk about

  • The factors driving the skyrocketing costs of cyber insurance
  • The role Boards of Directors play in driving demand for cyber insurance
  • Fine print to check before finalizing your cyber insurance policy

And help you find answers to these questions

  • What security controls do cyber insurance companies expect you to have?
  • What cyber incidents are excluded from cyber insurance policies?
  • What recovery costs does cyber insurance cover?