Event Recording

André Durand - No Security without Identity

Show description
Speaker
André Durand
Founder & CEO
Ping Identity
André Durand
Andre Durand is a twelve year veteran of the enterprise software industry, a recognized leader in the identity industry and a pioneer behind the concepts of the digital identity network. In addition to his role as CEO of Ping Identity, Mr. Durand co-founded and co-chairs Digital ID World , the...
View profile
Playlist
European Identity & Cloud Conference 2015
Event Recording
Mapping the Changes in Data and Identity Risk Landscapes
May 16, 2015

Well-managed organizations address unique and emerging risks, such as networked data and identity-related risks in the context of their overall risk profile, and seek to implement solutions that can cost-effectively address organizational risk at multiple levels. As new online and networked system risks associated with data and identity handling systems have surfaced, pre-existing risks still remain relevant; and together they vie for the attention of managers around the world, causing them many sleepless nights. How are emerging risks similar to and different from traditional risks faced by enterprises? How can traditional risk mitigation strategies inform, or mislead, managers seeking to address emerging risks?

Event Recording
Luca Martelli, Christian Patrascu - Evolution or Revolution: Unlocking The Potential of The New Digital Economy
May 14, 2015

Cloud, Mobile & Social continue to have an impacting effect on IAM projects. In addition to this, Digital business plus Internet of Things have begun to further influence the IAM programs worldwide. The Convergence of identities like people & things is furthermore driving these trends. Hence the question can be put: Is Identity in the gravity center of these emerging trends? The presentation goes though some real life examples of how Security and Identity Management are enabling Digital Transformation from the business and technical points of view.

Event Recording
Bringing it All Together – Distributed Strategy Solutions for Distributed Risk
May 16, 2015

In evaluating distributed systems risk, the attention to data is misdirected. Rather it is the distributed nature of data management systems (and the increase in interaction volume) that increase the perception and actuality of risk. Distributed problems need distributed solutions. Applying the community of interest approach – how can your organization more effectively reduce and manage risk?

Event Recording
Prabath Siriwardena - Connected Identity: Benefits, Risks & Challenges
May 15, 2015

SAML, OpenID, OpenID Connect, WS-Federation all support identity federation – cross domain authentication. But, can we always expect all the parties in a connected environment to support SAML, OpenID or OpenID Connect? Most of the federation systems we see today are in silos. It can be a silo of SAML federation, a silo of OpenID Connect federation or a silo of OpenID federation. Even in a given federation silo how do you scale with increasing number of service providers and identity providers? Each service provider has to trust each identity provider and this leads into the Spaghetti Identity anti-pattern.

Federation Silos and Spaghetti Identity are two anti-patterns that need to be addressed. This talk presents benefits, risks and challenges in a connected identity environment.

Event Recording
The Role of Policy Management in the Software-Defined Era
May 16, 2015

The panel is comprised of industry experts from NIST NCCoE, Microsoft, Intel, Cisco and HyTrust, who discuss the role of policy management in the software-defined era. Speakers present commonly used policy definitions and usage, and debate the emerging need for policy-based resource lifecycle management, including how to secure these resources and demonstrate compliance, leveraging concrete use cases: 1) Software Defined Networking, 2) Software Defined Data Center/Orchestration, and 3) NCCoE Building Blocks – ABAC and Trusted Geo-Location.

Event Recording
Kuan Hon, Dr. Karsten Kinast - The EU Draft General Data Protection Regulation: Where are we and what can we expect?
May 15, 2015

Keynote at the European Identity & Cloud Conference 2015

Event Recording
John Hermans - "Guiding" the Management and Supervisory Boards to Choose the Right Investment Priorities for Cyber Risk Mitigation
May 14, 2015

Cyber security has been under the spotlight for the past few years. Due to the number and seriousness of cyber incidents, the media’s focus on such incidents and the importance of tackling cyber issues in the extensive digitization of most organisations, this area requires the attention of C-level executives and supervisory boards. John discusses in his talk some lessons learned on how to engage C-level executives and board members to take well-informed, business risk driven decisions on handling the cyber risk.

Event Recording
Dr. Jan Camenisch - Cryptography for the People
May 15, 2015

As our lives are becoming increasingly digital, we all need to protect and manage our personal digital assets including family pictures, health information, contact data, calendar entries, and digital identity information. We store and use these information at different places using different devices.

In this talk, Dr. Camenisch reviews the state of the art in cryptography in terms of how it can help us to protect and manage our data on different devices and in the cloud. He discusses what features the different cryptographic mechanisms provide and to what extend they can be used in practice or how far out they are.

Event Recording
Yariv Lenchner - Securing Privileged Identities in OT (Operational Technology) and Industrial Control Systems
May 15, 2015

In the last years we see that privileged accounts in Operational Technology (OT) environments (e.g. critical infrastructure) have an even higher importance and criticality than in the traditional IT. OT networks and the Internet of Things (IoT) implementations are taking shape and are being connected to enterprise networks and to the internet. This brings many business advantages but also opens these once isolated technologies to advance threats. Securing these privileged account and their privileged sessions are a critical security practice for enterprises and critical infrastructure operators.

Event Recording
Hanns Proenen - From Security to Information Security to Digital Risk
May 16, 2015

Hanns Proenen takes you on a small journey through traditional IT security, as it was until recently, and how he is observing and experiencing the shift to information security and IT risk. He talks about the tasks for the IT Risk Officer and how to build a firewall between the digital and the analogue world. 

Event Recording
Howard Mannella - I Am a Black Swan
May 15, 2015

Much has been written about “Black Swans”: unpredicted, massively game-changing and, in hindsight completely foreseeable events. Why do they happen and why are we surprised? More importantly, what can we do to mitigate against the unforeseeable?

The potential for game-changing risks is becoming more frequent and more impactful, due to global drivers and trends: from the technology front (speed of technical advance and disintermediation of technology) to the business front (concentration risk from outsourcing and interdependencies of supply chains) to the political front (Eurozone consolidation and global terrorism).

Event Recording
Amar Singh - It Takes a Community to Reduce Risk
May 16, 2015

To help stakeholders balancing their needs to protect the organization against the needs to run the business - this is the new role IT professionals have to take over in the era of digital business. Moving forward, security people aren´t the "defenders against cyber threats" anymore. They are becoming the facilitators of a balance between the needs to protect and the needs to run a business. In digital Business, we are moving things into the cloud. We are moving things into software-as-a service. We don´t have control of them anymore. A lot of the traditional technologies just don´t apply. So we have to start looking at other things like contract clauses and the new types of controls which come along with the new breed of digital risks.