KuppingerCole Webinar recording
KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
KuppingerCole Webinar recording
KuppingerCole Webinar recording
Good afternoon, ladies and gentlemen, welcome to our webinar, EIC 2013 preview. And this webinar, I will talk about what will happen at the ECU. So talking a little bit about the agenda, about the topics we will cover there, giving you some first impression of our upcoming conference before we start some general information. So first of all, keeping a call. We are Analyst company providing enterprise it research advisory, decision support, networking for it professionals through our research services. So reports that are our advisory services and our events mainland.
And the thing we will talk about today is our European identity and cloud conference saw leadership and best practices, digital ID, cloud, and GRC. The conference will take place in Munich, May 14th to 17th. So it's definitely the master town conference around identity cloud and all the related topics over here in Europe. And you definitely shouldn't miss to attend this regarding the webinar you center, so you don't have, or I mute yourself. We control these features. We will record the webinar. The podcast recording will be available tomorrow, as well as this slack deck and Q a will be.
At the end. You can ask questions using the questions and answer tool time, and we'll pick up them at the end, or sometimes during the webinar, maybe additional information. If you look@idcom.com. So our conference webinar website, so id.com there, you will find also the current status of the agenda. So you can have a look at this. This is sort of a living agenda. We are still in the process of adding some panelists, adding some sessions, some best practices, etcetera, but I think it will give you a fairly good impression as well.
And here's our agenda sort of at a glance, like always we'll start with some preconference workshops the first day, which Tuesday, May 14th. In the afternoon, we will have a series of keynote sessions starting with my own opening keynote and being followed by a lot of other keynotes. I will quickly talk about some keynotes later. We will have snacks and drinks the evening, the next morning, some few keynotes, and then we will have our first direct governance, privacy data protection, etcetera, etcetera.
And so I will go into these directs during this webinar, giving you some information about what you can expect. They're giving you some first impression about the topics we will cover. And then on Friday, May 17th, we will have free workshops. One is an access governance workshop, which will I, which I will do. We will have a cloud provider selection and assurance workshop, which will, will be done by Mike Small and a workshop real world. I am in practice, which will be done by my colleague, Peter Cumming.
So we'll have three workshops, really providing a lot of our experience from the, from the advisory business, from our research cetera to you. I think all of these workshops will be very valuable to attend as well. So that's the sort of agenda at agenda at a glance. We have a lot of keynotes there. I just put in here some of our keynote speakers. So we will have people like Peter Boyle from PT. We'll have professor the CIO of the Republic type one, sorry, forest Austria. We will have Kim Cameron. Docer Kel.
Who's leading the GRC initiative Analyst initiatives of diet bank, Cal Mara, the managing director of eon it on one of the largest utility companies. And he's the one who is leading their it subsidiary. We'll have the CIO of the fairly from Italy. Greg Burton for sure will be here again. Bob Armand, Y V Roski, the one who is the, the data protection officer of Poland, professor Berg from the good university of Frankfurt, cetera. So we have have a very interesting mix of people from the Analyst Analyst space, from the industry, from the end user organizations and also from standard bodies.
Cetera. So it's really all the views you need combined here, all the different views available. I think that's what really makes a lot of the value of conference like the FC. And then as I said, we'll have a lot of tracks there. And one of the most important tracks always these days is access governance. So we will have a track. The strike will be led by que from Deutche bank. So it'll be driven by really the, the experience of end organizations. It will be driven by the best practice experience.
And we will talk about topics like bridging the gap between business it, the key elements of your access governance strategies. What do you do you really have to have in mind, which is not only technology it's about organizational framework, guidelines and processes. And we did a lot of work with our advisory customers on these areas. Other of other speakers also have a broad experience. It's also about access governance and the enterprise GFC aspect. So how to integrate it into your organization and controls, we will look at new types of controls.
So attribute based access controls what's happening beyond the roles. And we will look at the vendor landscape talking also a Little bit about our keeping a co leadership and access governance, which we, which we have published Friday last week. The leadership is a comparison of the product in the market with a lot of different metricses, which really show you how we rate the lenders and that products in that particular market segment. And so we will also talk about these things, access governance, clearly one of the red top topics these days when it comes to implementation.
It's one of the things, when we look at the customers out there, which is really considered being the, the number one topic of the things which have to be done now. So some highlighted sessions, we will have best practice access governance and this intelligence at Deutche bank. So the Deutche bank talking about their own experience.
We will, for example, have an panel access governance, how to govern all access. This is sort of looking a little bit beyond the current state of access governance.
As of now, a lot of implementations on access governance are focused on the static access controls. So you have assigned someone to group to role, whatever, and this role has specific entitlements in the system. And then access governance looks at this is enforced correctly. Is it implemented correctly?
However, there are a lot of things happening there. What about all the things around dynamic authorization management? So how to deal with six ACML and access governance, or how to integrate user activity monitoring, or how to integrate privilege management. So all these privileged users and from, from the it side and the business privilege users, which you look at in traditional access governance, how to make it consistent, how to bring these things together. I think it'll be a very interesting panel there.
And then we will also, we will have another best practice, success story, introducing user access management for an energy trading company, which is held by Dr. Cast from eon global commodities, which is the energy trading subsidiary of eon. The utility company I've mentioned for governance clearly is a hot topic because this is what companies really are looking at. And another aspect of governance is cloud governance. There are a lot of standards around cloud out there, there are I think 35 or 35 plus standards.
Most of them are looking really at assurance only, and they are only touching a part of the cloud governance needs in this drag. We will look at cloud governance from various angles, for sure. We will look at cloud provider assurance to get what you pay for, but we will also look at approaches beyond track boxes, how to really manage your cloud. Whereas if you look at selection of cloud service providers, so before you can start doing cloud provider assurance, you need to have a standardized and efficient way to select the right cloud providers.
That's something we will touch on this cloud governance direct. That's something we will touch on the VE mentioning before. So overall, how does governance and can governance meet the cloud and why traditional governance processes fail and how to extend them to the new paradigm of cloud? What do there also in firing and to end security, etcetera.
So again, a series of, I think very interesting best practice presentations, Analyst, presentations, panels, etcetera, and cloud governance clearly offers related to our identity and topics because a lot of the things we are looking for is how to manage access to information on the cloud. So this is clearly also related here. Another aspect of governance we look at is what we call big data governance and stewardship, my colleagues, Mike Small and Dave current recently published a report, which is called from data leakage prevention to information stewardship.
So moving from point solutions, which you might implement from a technical perspective towards a more holistic concept of information stewardship. So really integrating information management and information governance there, and that's something which is clearly also relevant to big data. So big data is one of the hypes of these days, and I'm very sure that big data will remain topic for a very long period of time. So it will not disappear.
Again, big data is here. It's a reality. We have to understand how to deal with.
And, and one part of dealing with it is for sure the technical aspect of how do I analyze data to how do I use IDU? But the area we will look at is how to, what to do around big data security and governance, how to implement big data stewardship as part of information stewardship, but also how to leverage the potential of the API economy for big data. When we look at big data. So currently it's frequently seen as something where it's about consolidating a massive data into a big data store, but we need to become far more smart to access some additional information.
And that's where the API economy comes into play. One of the topics we have also a lot of research on Rick Burton is driving this in our team for quite a while right now. And we've also also talked for sure about big data, so small privacy, little security, and we will turn their wheel around and also talk about what can big data do for security. We have seen some recent announcement around that and there's a lot of thing. There are a lot of things going on around using big data technology for security. So that's something where again, things come together, big data.
So it's really about the API economy, how to make data smart. It's about big data privacy, the big data use case. So security has the big data use case. And on the other hand, how to secure big data. And we also will have a look at what does big data mean for life management platforms, life management platforms. One of the topics we are talking about since last year's ESE, it's the approach of enabling users to deal with the personal information in while keeping, while enforcing privacy and security. It's a very important concept which will change it fundamentally.
It's probably one of the two or three or maybe one big things for the next 10 years in it. And the data plays a role in there because done right. It's about allowing to do far more things with personal data without the privacy gap we are facing today with all the issues we are facing today. So a lot of interesting topics again here. And when we are talking about privacy and data protection, we clearly also have a track around this topics, these topics.
So with custom Keens, we have personal board who is on one side, a lawyer and lawyer was strong folks on exactly these topics of privacy data protection, it law, which also supports us in our Analyst work. So really bridging the gap between law and it, and I think that's really the big challenge today. So we all know that a lot of people are concerned about what do all these things, privacy data protection etcetera mean for us. When we look at bring your own devices, we, we are, we are facing a lot of Cray areas on the laws that if we look at other areas, it's always the same problem.
We know there, there are a lot of things to consider from the Al perspective, but there's a lot of uncertainty and we will help you reducing this uncertainty. So privacy meets business needs, bring your own device, lose, lose, or trust the right thing to do the impact of you. Do you use general data protection regulation, self regulation, etcetera. So there will be a lot of interesting topics there. And I also picked some here.
So we, for example, have a very interesting panel, EU general data protection regulation, 10 uneasy truth for any business, this will be held by. So the person from our company, professor Dr.
Re posh, Dr. Y H Bofski it'll be a panel really with some of the leading experts talking about is what does it mean for the business? These are people who are very, very, very close to what is happening in the EU today. We'll have an Analyst presentation beyond bringing your own device for privacy meets business needs. And I recently had a, in terms of conversation with custom keen around bring your own legal aspect. And that's definitely a master 10 presentation. It's an eye opener. It's so great to hear his views on this.
You shouldn't miss other topics will be clearly around in you, you legislation and its impact on identity management. Those will be around cm, worst data protection privacy, one of the topics, which is also highly important there, one of the let's say most or one of the largest strikes in the sense, the number of regarding number of sessions is, are managing identities and access in cloud mobile and social. It's about sort of looking at, we have identity access management here. What do we have to do in these days of the computing dry car in these days of cloud mobile, social computing.
So how to bridge the gaps between internal and external, how to really embrace and expand what you have, how to enable this to, to enable your existing in west month to do what you need to do now. And it's clearly not about killing your IM it's about really thinking about what do you do have to do as the next steps to have something which both works personally, which rocks both perfectly well for your internal environment and for your extended enterprise.
That also means looking at new it organizations, it means about talking about cloud and on-prem the cloud identity things which are currently happening. So we will also have a lot of sessions here. So it's really about the thing Greg introduced the term to computing recently. That's really, I think, core thing we have to cover. So we have broader biggest scope of information security beyond our on premise environment. Beyond our internal uses some partners, we might still manage HR towards the customer's leads, prospect, suspects, whatever we have to look at more devices.
And what we have to do is we have to address this in a consistent way. We shouldn't start with a little bit of mobile device management here in the mobile computing, a little bit of cloud over there. We need to identify what is the, the common element of this? What is the common denominator? What are the, where does come together? And what of the things we will cover here will be around risk and context based authentication and authorization, which is one of the central elements with some this future information security strategy. For sure. It's also about the identity explosion.
Like I've said, it's not only the employees anymore. It's not only a few partners anymore. It's about dealing with probably instead of some 20,000 employees dealing with some million customers and this requires new approaches. So we will talk about how to extend what you have to your future needs, how to make these things work together seamlessly, consistently, and how to make the best out of the investments you've did. And to focus on the new things, the new investments you need to make. We will talk about bringing your own device, consumerization mobile enterprise, a little bit more.
So information security and mobility, notar rights, the risks, fighter threats, mobile device management and area, by the way, we, where we are also doing a leadership compass document currently, which will be ready before EIC. So we will talk about winners in that space, but we we'll also talk about the limitations of mobile device management. Clearly the mobile device management market will grow, but the question is, should it really grow? Or what is the real role of mobile device management in a strategic approach on information security? So we will talk about a lot of these things.
Definitely also very interesting sessions here. It's about really supporting need to share. So from the centralized infrastructures we had from towards really an extended enterprise business partner integration with tighter integration of customers, et cetera. And we will talk about more in depth, how to build your I I infrastructure right way and support business today.
So that's really about what do you need today to solve your current real world issues you're facing not only about the future, about the big trends it's about down to earth, best practice driven experience, driven information about, so what is the future? What is the vision and how does it fit to what you have today is similar really that, what do you need to do today?
What do you need to do to, to make your authentication authorization evolve the right way, et cetera, since I will continue discussion here last year, introduced our future it paradigm, which really shows our view on, on how it organizations shall be structured. And I will continue talking about this. I will go deeper into detail on that really around why do we need new structures and new organizations for it? Which key elements does it need and how should an it organization look like? So that will be something we're I will continue talking about.
We're able dive deeper into details compared to what we did last year at THEC. And for sure there will be a lot of other interesting topics, which I will then start talking about in my keynote. So I won't, I do not want to UN wheel too much too early, but if you look at my blog post, which I will publish during the next few weeks, some of the new reports we will publish before EIC and all the things we will then publish at AIC, then you will see there is a lot of new things.
We will talk about a lot of new material, but everything focused on how can you build on your existing investments and become ready for the challenges of the future? We will talk about life management platforms, personal data and customer managed relationships, an area we started talking about last year as well, very much some areas we've touched years ago. So I remember, I think we had doc service some five years ago as a keynote speaker back then talking about vendor relationship management and all this condenses into what we call live management platforms.
There's a free report on live management platforms available at our a call website, which you can download. We will update this report before.
Yeah, see again, there are other things happening in this area, new reports, etcetera. So we will talk about where, what are life management platforms? Where are they today? How do they help enabling a person to manage all of this life sort of things in a digital way. So all the insurance contracts, the information about your car, your salary statements, your pension funds, whatever you, you could imagine in a, in a secure way, in a privacy aware way, how to share data without unwilling the data. So how to keep the idea of minimal disclosure in place.
And we see a lot of evolution there, there are some personal data sources center, but most of them fail in really enabling and enforcing privacy. That's something we will talk about in the context of live management platforms. We will talk about trust that identities and trust frameworks and what trust frameworks really are and need to be et cetera.
So this will be also a clearly, very interesting area, a little bit more looking into the, but behind this, there are so many interesting business models that this will become clearly a highly important area of it because it will enable organizations to connect in a fundamental different way with their customers. Then they can do today. If you look at insurances, if you look at health providers, etcetera, just have a look at our website at the new newsletter day currents has published today. A lot of you might have received it, read it and look at it, what it means.
For example, for healthcare, it will change healthcare. And it's the enabler for healthcare change. It's DNA for a lot of other things. So that's our topic here. We will have some round tables there. One round table is what we call our finance industry forum, where we specifically have some sessions for experts and peers from the financial services. So share your experience with your peers and other financial institutions. This will be a lot of opportunity for open discussions for very intense discussions. It'll be complimented by a lot of sessions and, and parallel tracks, etcetera.
So helping you to make a perfect day out of this when you're from finance industry. So what does cloud computing mean for the financial sector? The role of identified Aion etcetera. And we will have a round table around our life management initiative, which we will kick off there to bring together their relevant players in the market to make sure in companies cetera, etcetera, to, to really continue. And then to really start pushing this highly important topic and to, to really start implementing new business case. We have some new things there.
So one thing which will be new influenza 13 is what, what we call the beer garden talks. So the conference is in Munich. Munich is pretty well known for its beer and for its beer gardens.
And a lot we'll introduce is there the opportunity to, to talk and challenge vendors in a very relaxed atmosphere it's placed around the breaks of the Maina trend, that tracks and in the later afternoon, so that you can attend the sessions and then have your break with some more information and a relaxed atmosphere with our short track presentations felt by whens describing their approach and how to solve your critical business challenges and the opportunity to direct and intensively discuss right, just them right after a presentation.
So it's really about making maximum use of your time while you still have the opportunity for some coffee and drinks, even while it's beer garden, it will be not mainly around beer because it's heavily during the day. So, but it's, I think a very interesting firm because it allows you to connect to winners while doing your while, having your break pretty bless. You we'll have some workshops that I've talked about, some of them. So one will be real world IM and practice practice.
So defining the IM program that fits best to your organizations while taking all these different regulations, standard IM patterns account. So how to take your IM to the next level with standardized patterns, how to achieve success with IM implementation. Another workshop will be the in fact cloud provider selection and assurance workshop. So it'll be around leading you student steps necessary to assure the cloud services, meet business requirements. What does COVID five mean for cloud commuting?
Etcetera, there will be government advice. So these workshops, they will be led by a call Analyst in that case, Mike Small, but it's a workshop. So it's about open discussion, very in terms of engagement, it's not about hundreds of slides. It's about some introductory slides mindset and then a very intensive discussion. And maybe the one writer or few have attended USC workshop before USC workshops are, are pretty well known for these very intensive discussions we are having there. Okay.
And then, yeah, finally, some, some hints on, on additional select sessions. So as I've said, we have our website online. You can have a look at the agenda, but there are many, many interesting session. So there will be a Heine bank session by their CSO best, best practice. I am governance outside.
It, there will be the big datas, more privacy of that. Dr. Custom keynote, the Deutche bank practice, the Deutche bank keynotes and always is panel on standards. So ID protocols out with the old and in with you people like Greg burn, Darren rolls, Paul Matthias and David Pari.
Cetera, last knowing of artists will talk about one identity heaven. Rahel do we need more than one?
We, one of our Analyst we'll talk about software and active defense, the future of information security. So starting really at the very core of the problem by software integrity, et cetera, professor Berg will talk about can phones help you to manage your identity privacy? So it's one of these mobile keynotes Martin Al from key will talk about live management platforms and really best practices experienced from the real world, Toronto and Coley or psychotic will talk about password mismanagement or avoiding password mismanagement, etcetera, etcetera.
I said there are many, many sessions, a lot of interesting speakers, a lot of interesting panels. And like every year, yes, he will be this mix of keynotes Analyst, presentations, best practices panels.
And, and, and it'll be really the place to be, to talk about what is happening today in the, in the future and anti access management, cloud security and governance and all the related tops, the information security conference youas attend. So that's sort of in a little bigger sort of a natural, well, yes, E 2013 will be around. Don't hesitate to get in touch with us. If you have first questions, have a look at our agenda, have a look at our conference website, ID com.com and we will provide a lot more information, send out our newsletter. Cetera. I hope to see you in Munich in may.
And as I've said, you have to be there. It's the master ment. Thank you. Bye.