Event Recording

Designing the New Identity Fabric

Show description
Speaker
Vadim Lander
Chief Technology Officer
Broadcom Software, IMS Division
Vadim Lander
Vadim Lander is currently the Chief Technology Officer and Distinguished Engineer for Symantec Identity Security at Broadcom. Vadim is a recognized IAM expert, having architected, developed, and led multiple, highly scalable IAM solutions to become industry leaders. He was...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Market Overview CIAM: Customer Identity & Access Management
May 12, 2023

This session provides an overview of the CIAM solution market and provides you with a compass to help finding the solution that best meets your needs. In a recent Leadership Compass, KuppingerCole´s Senior Analyst John Tolbert examined the CIAM market segment, product/service functionality, relative market share, and innovative approaches to providing SOAR solutions.

Event Recording
The Art of Privilege Escalation - How Hackers Become Admins
May 11, 2023

Privilege escalation is also one of the most common techniques attackers use to discover and exfiltrate sensitive valuable data. From a hacker’s perspective, privilege escalation is the art of increasing privileges from the initial access, which is typically that of a standard user or application account, all the way up to administrator, root, or even full system access. With NT AuthoritySystem access or on Linux the root account, attackers have full access to one system. With Domain Administrator access, they own the entire network.

• Top Methods of Privilege Escalation on Windows and Linux
• Common Tools used to identify Privilege Escalation
• And more...

Event Recording
Cyber Criminals by Design – Using Digital Twins to Understand Misbehavior
May 11, 2023

A digital twin is a virtual representation of a real-life subject. This mapping encompasses its entire lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to support decision-making.

Human beings and their behavior can also be copied and simulated by digital twins. During the last talk at the EIC conference, we already looked at the threats, challenges and opportunities creating digital twins in cybersecurity.
This time we want to discuss how we can dive into a world through a digital twin of a cybercriminal to change perspectives and to understand the cybercriminals behavior.
Imagine having a tool that can perform these simulations at the highest level. Why not use it to our own advantage?
A digital twin that not only simulates the approach and behavioral patterns of cyber criminals but can also predict ahead of time. What if we can turn the tables on cybercriminals by fighting fire with fire?

Event Recording
CIAM, Wallets, Decentralized - Where is "Traditional" CIAM Heading?
May 12, 2023
Event Recording
Identity Inclusion – Why it Matters
May 09, 2023

The cornerstone of the digital world is trust and key to that experience is a secure and verifiable digital identity. More than one billion people worldwide lack a basic verifiable identity. Without recognizable and consistent proof of identity there can be no financial, health, citizen, or digital inclusion. Women in Identity is a not-for-profit organization championing diversity and inclusion in the identity sector.  Women in Identity enables change through awareness from our research projects (such as the code of conduct) and through our sponsors and members.  In this keynote the chair and vice chair of the Board will share insights on the impact of identity exclusion and provide practical and pragmatic ways organizations and individuals can help drive Identity inclusion. 

Event Recording
Policy-Based Access, Just-in-Time IAM, Next-Gen IAM - Getting Rid of Roles and Recertification
May 11, 2023

Access control is a key part of cyber security, however traditional approaches do not work well for modern business IT environments that nowadays typically include a mix of applications on-prem and across multiple cloud environments.

Most modern companies tend to struggle with access management for a variety of reasons. These include the fact that it is difficult to make the necessary connections to the many disparate IT systems for which they need to provision access, role-based access management is challenging, static role-based entitlements are difficult to manage and typically require regular recertification processes, and traditional approaches are focused on granting access to resources required by an individual to perform their job function, but do not cover how those rights are actually used to stop any abuse of entitlements.

In addition, course-grained authorization is no longer sufficient because modern applications and sensitive data assets in cloud-native, containerized and DevOps environments require fine grained authorization capabilities that can also supply identity attributes and context variables.

A policy-based approach can address many of the pain points experienced by organizations today by enabling a centralized, consistent, dynamic, on-demand (just-in-time) way of managing access to IT resources. In this panel session we will discuss nothing less than the future of Access Management.

Event Recording
Identity in the C-Suite? The Role of the Chief Identity Officer
May 11, 2023

Whereas our Privacy and Security peers have top executive-level access and presence as well as often Board-level access, Identity typically does not.

Should that continue to be the case? Are the conditions right for the establishment of a Chief Identity Office… and is that even a good idea?

In this panel, Drs. Jacoba Sieders, Denny Prvu, and Ian Glazer will debate the pros and cons of the notion of a Chief Identity Officer role. Topics will include:

  • What would the value of such a role be? And how is such a role measured?
  • What would the responsibilities of said Officer be and what is the role’s remit? What are its boundaries?
  • What questions should the Board and C-Suite be asking? What should they know about identity that they don’t today?
  • How would such an Officer quantify the value of the identity infrastructure to the business?
  • Does the need for the role differ based on industry sector and geography?
  • How would this role fit with the Chief Digital Officer, Information Security Officer, and Privacy / Data Protection Officer?
  • And how would this make things better for the digital identity practitioner and the industry as a whole?
Event Recording
Use AI to Make Account Takeover a Frustrating Experience... For the Attacker
May 11, 2023

Sure, MFA goes a long way in preventing account takeover but it is only one layer. Using AI to look at identity data to evaluate risk can add an additional layers – not only to prevent takeover but mitigate the impact once a takeover happened. 

Event Recording
The MFA Dilemma and Moving Beyond Mobile
May 10, 2023

This panel will explore the current state of multifactor authentication (MFA) and its limitations, as well as potential solutions for improving the security and user experience of MFA. We will discuss topics such as the challenges of implementing MFA, the limitations of mobile-based MFA, and alternative methods for MFA, such as biometrics and behavioral analysis. The panel will also address the future of MFA, discussing the potential for new technologies to improve security and user experience, and the role of industry and government in shaping the future of MFA. Overall, the panel aims to provide valuable insights and perspectives on the multifactor authentication dilemma and the steps needed to move beyond mobile-based solutions.

Event Recording
3 Dimensions of Digital Sovereignty
May 09, 2023

Digital sovereignty has become an important topic for individuals as well as a strategic issue for countries and businesses, allowing them to operate in an environment that they trust and can control. This necessitates technology that is not overly reliant on third parties, where there is a risk of misuse of trust or non-compliance.

In this session, we will explore 3 dimensions of digital sovereignty related to identity:

  • Sovereignty of the Individual: The need to protect the individual has triggered privacy laws around the world, like GDPR. Providing end users with more control is now taken one step further with the adoption of the so-called "Self-Sovereign identity (SSI)" and "identity wallets." With SSI, users are in powerful control of their personal data, resulting in a privacy-first user experience.
  • Geopolitical Sovereignty: According to geopolitical sovereignty, data about citizens is subject to the laws and governance of the nation or state to which they belong. As data and the behavior of people become more valuable for countries, the transfer of data is regulated by laws like the US Cloud Act and GDPR. Compliance with cross-border data transfers is becoming more important than ever. 
  • Organisational Sovereignty: Organizations want to protect the interests of their employees, gig workers, customers, and business ecosystem. They also have to comply with multiple data sovereignty laws in various countries (for example, Schrems II, CCPA, LGPD, and so on). This leads to questions like, "Where is my data?" "Who has access?" and "Who holds the keys?" The more global organizations are, the more complex this process is due to the numerous local regulations they have to follow.
Event Recording
eIDAS 2.0 & Digital Identity Wallet Readiness: What Your Organisation Needs to Know About Digital Identity Wallets
May 12, 2023

The revision of the eIDAS regulation introduces new requirements, challenges as well as opportunities for organisations. In this talk Adrian Doerk provides a structured guidance of aspects organisations need to be aware of to be well positioned in the market. After a general introduction to the eIdAS ecosystem, the focus will be on organisations who want to issue and verify qualified electronic attestation of attributes to/from the European Digital Identity Wallet. 

Event Recording
A Sovereign Cloud for the German Government
May 11, 2023

You will learn about the Sovereign Cloud for the German Government, this solution is based on Azure and operated by Delos Cloud Gmbh