Event Recording

Thom Langford - Flushing Away Preconceptions of Risk

Show description
Speaker
Thom Langford
Global Security Advocate
SentinelOne
Thom Langford
In December 2020 Thom joined SentinelOne as a global Security Advocate. Thom established himself as CISO at large global organisations, having founded their security teams and services from the ground up. He also founded (TL)2 Security, an international strategic information security...
View profile
Playlist
European Identity & Cloud Conference 2015
Event Recording
Prabath Siriwardena - Connected Identity: Benefits, Risks & Challenges
May 15, 2015

SAML, OpenID, OpenID Connect, WS-Federation all support identity federation – cross domain authentication. But, can we always expect all the parties in a connected environment to support SAML, OpenID or OpenID Connect? Most of the federation systems we see today are in silos. It can be a silo of SAML federation, a silo of OpenID Connect federation or a silo of OpenID federation. Even in a given federation silo how do you scale with increasing number of service providers and identity providers? Each service provider has to trust each identity provider and this leads into the Spaghetti Identity anti-pattern.

Federation Silos and Spaghetti Identity are two anti-patterns that need to be addressed. This talk presents benefits, risks and challenges in a connected identity environment.

Event Recording
John Hermans - "Guiding" the Management and Supervisory Boards to Choose the Right Investment Priorities for Cyber Risk Mitigation
May 14, 2015

Cyber security has been under the spotlight for the past few years. Due to the number and seriousness of cyber incidents, the media’s focus on such incidents and the importance of tackling cyber issues in the extensive digitization of most organisations, this area requires the attention of C-level executives and supervisory boards. John discusses in his talk some lessons learned on how to engage C-level executives and board members to take well-informed, business risk driven decisions on handling the cyber risk.

Event Recording
Amar Singh - It Takes a Community to Reduce Risk
May 16, 2015

To help stakeholders balancing their needs to protect the organization against the needs to run the business - this is the new role IT professionals have to take over in the era of digital business. Moving forward, security people aren´t the "defenders against cyber threats" anymore. They are becoming the facilitators of a balance between the needs to protect and the needs to run a business. In digital Business, we are moving things into the cloud. We are moving things into software-as-a service. We don´t have control of them anymore. A lot of the traditional technologies just don´t apply. So we have to start looking at other things like contract clauses and the new types of controls which come along with the new breed of digital risks.

Event Recording
Kuan Hon, Dr. Karsten Kinast - The EU Draft General Data Protection Regulation: Where are we and what can we expect?
May 15, 2015

Keynote at the European Identity & Cloud Conference 2015

Event Recording
Dr. Jan Camenisch - Cryptography for the People
May 15, 2015

As our lives are becoming increasingly digital, we all need to protect and manage our personal digital assets including family pictures, health information, contact data, calendar entries, and digital identity information. We store and use these information at different places using different devices.

In this talk, Dr. Camenisch reviews the state of the art in cryptography in terms of how it can help us to protect and manage our data on different devices and in the cloud. He discusses what features the different cryptographic mechanisms provide and to what extend they can be used in practice or how far out they are.

Event Recording
Ian Glazer - Stop Treating your Customers like your Employees
May 15, 2015

Enterprise identity management has been primarily focused on serving the correct access to employees and contractors. But as the industry has been perfecting how to serve employees, consumer identity has presented itself as a growth opportunity for businesses and identity professionals alike. Unfortunately, the industry has tried to apply employee-centric techniques for consumer and citizen identity scenarios. In this talk, Mr. Glazer highlights the difference between employee- and customer-centric identity and proposes techniques that identity professionals need to employ to delight customers.

Event Recording
The Role of Policy Management in the Software-Defined Era
May 16, 2015

The panel is comprised of industry experts from NIST NCCoE, Microsoft, Intel, Cisco and HyTrust, who discuss the role of policy management in the software-defined era. Speakers present commonly used policy definitions and usage, and debate the emerging need for policy-based resource lifecycle management, including how to secure these resources and demonstrate compliance, leveraging concrete use cases: 1) Software Defined Networking, 2) Software Defined Data Center/Orchestration, and 3) NCCoE Building Blocks – ABAC and Trusted Geo-Location.

Event Recording
Eve Maler - User-Managed Identity and Access for the Digitally Transformative Enterprise
May 14, 2015

Self-determination, decisional autonomy, privacy enablement, and meaningful choice are not just tools for customer satisfaction: They’re also tools and characteristics for identity management in the enterprise that’s ready for digital transformation. How has user-managed identity and access shaped up so far, in terms of technology, processes, and adoption? And what progress can we expect in the decade to come? Join ForgeRock innovation VP Eve Maler to learn about the exciting ride we’ll all be on — one you’ll actually enjoy, because last we checked, enterprise IT experts are people too.

Event Recording
Howard Mannella - I Am a Black Swan
May 15, 2015

Much has been written about “Black Swans”: unpredicted, massively game-changing and, in hindsight completely foreseeable events. Why do they happen and why are we surprised? More importantly, what can we do to mitigate against the unforeseeable?

The potential for game-changing risks is becoming more frequent and more impactful, due to global drivers and trends: from the technology front (speed of technical advance and disintermediation of technology) to the business front (concentration risk from outsourcing and interdependencies of supply chains) to the political front (Eurozone consolidation and global terrorism).

Event Recording
André Durand - No Security without Identity
May 13, 2015

The holy grail of security is to ensure the right people have access to the right things, always, anywhere, everywhere and all the time. Is it simply coincidence or a premonition of fate that the mission of the Identerati is to enable the same thing? With identity becoming the control point, the backplane and the new perimeter in a world with shifting borders, it's time to rethink our overall approach to information security. Identity defined security is moving to center stage and this session will explore the patterns and architectures of this new approach to security.

Event Recording
Bringing it All Together – Distributed Strategy Solutions for Distributed Risk
May 16, 2015

In evaluating distributed systems risk, the attention to data is misdirected. Rather it is the distributed nature of data management systems (and the increase in interaction volume) that increase the perception and actuality of risk. Distributed problems need distributed solutions. Applying the community of interest approach – how can your organization more effectively reduce and manage risk?

Event Recording
Ravi Srinivasan - Digital Identities = Security Threats. Is your IAM Program Ready?
May 14, 2015

Digital Identities are transforming the way companies architect their IT environment. They adapt and optimize by moving to cloud, adopting mobile technologies and interacting with customers through social platforms. These open enterprises now have little control over how users are entering their networks to access corporate information. As such, Identity has become a key security parameter that businesses can control. Watch this session to learn how organizations can manage the identity context across all security domains by implementing a threat-aware approach to IAM.