Event Recording

Martin Kuppinger's EIC 2015 Summary

Show description
Speaker
Principal Analyst & Co-Founder
KuppingerCole Analysts AG
Martin Kuppinger is the founder and Principal Analyst responsible for the KuppingerCole research. In his 25 years of IT experience he has already written more than 50 IT-related books and is known as a widely-read columnist and author of technical articles as well as reviews and is also a...
View profile
Playlist
European Identity & Cloud Conference 2015
Event Recording
Prabath Siriwardena - Connected Identity: Benefits, Risks & Challenges
May 15, 2015

SAML, OpenID, OpenID Connect, WS-Federation all support identity federation – cross domain authentication. But, can we always expect all the parties in a connected environment to support SAML, OpenID or OpenID Connect? Most of the federation systems we see today are in silos. It can be a silo of SAML federation, a silo of OpenID Connect federation or a silo of OpenID federation. Even in a given federation silo how do you scale with increasing number of service providers and identity providers? Each service provider has to trust each identity provider and this leads into the Spaghetti Identity anti-pattern.

Federation Silos and Spaghetti Identity are two anti-patterns that need to be addressed. This talk presents benefits, risks and challenges in a connected identity environment.

Event Recording
Bringing it All Together – Distributed Strategy Solutions for Distributed Risk
May 16, 2015

In evaluating distributed systems risk, the attention to data is misdirected. Rather it is the distributed nature of data management systems (and the increase in interaction volume) that increase the perception and actuality of risk. Distributed problems need distributed solutions. Applying the community of interest approach – how can your organization more effectively reduce and manage risk?

Event Recording
Dirk Venzke - Identity & Access Process Automation: Improving Business Alignment & Reducing Digital Risk
May 14, 2015

How can this aim be achieved in an complex global enviroment? The approach is based on an overall process of Identity & Access Management operated by a multi-level control system. Following the 3 LOD-model different layers are linked in order to reduce digital risk via connected activities (e.g. recertification, SOD-checks, …). Combined with strict processes, an intense communication with the business and measurement by key indicators.

Event Recording
Prof. Dr. Rüdiger Grimm - Negotiating the Risk of Privacy, Understanding Privacy and its Risks
May 16, 2015

In this presentation, the risk of privacy in the modern communication technology, both Internet and mobile networks, is analyzed. It turns out, that users have to negotiate the risk of privacy between refraining from services, trusting services, using self-data-protection methods and trusting privacy enhancing technologies. Services, on the other hand, have to present themselves as trustworthy with respect of their competent and decent way to handle user data. This presentation identifies the privacy principles and related trust areas and protection means.

Event Recording
Hanns Proenen - Digital Risk & the Analog World
May 14, 2015

It seems that the Internet of Everything and the convergence of IT and OT (Operational Technology) are on their way to take control over the analogue part of our world, with digital threats not only affecting our companies and each of us as individuals, but also public life as a whole. How real are those threats and how serious are the risks evolving from them?

Hanns Proenen shows in his keynote, why mitigation and remediation of digital risks evolving from this new threat landscape are requiring new skills from IT security professionals and how these new skills will look like.

Event Recording
Thom Langford - Flushing Away Preconceptions of Risk
May 16, 2015

Risk is often seen as a dirty word in business. It is a thing that needs to be reduced to nothing, and has no possible good use in an organization, especially a security programme. This couldn’t be more wrong! Risk is an inherent part of any business, and yet it is often poorly recognized and leveraged in the security organisation.

In this presentation Thom looks at three areas of the risk conundrum to open the veil on the elusive art of understanding and ultimately measuring risk:

  1. The initial interpretation of risk and how it is often misunderstood.
  2. The measurement of risk, and how some systems work and other don’t.
  3. The effective treatment of risk, and how sometimes the obvious thing to do can be the wrong thing to do.
Event Recording
Amar Singh - It Takes a Community to Reduce Risk
May 16, 2015

To help stakeholders balancing their needs to protect the organization against the needs to run the business - this is the new role IT professionals have to take over in the era of digital business. Moving forward, security people aren´t the "defenders against cyber threats" anymore. They are becoming the facilitators of a balance between the needs to protect and the needs to run a business. In digital Business, we are moving things into the cloud. We are moving things into software-as-a service. We don´t have control of them anymore. A lot of the traditional technologies just don´t apply. So we have to start looking at other things like contract clauses and the new types of controls which come along with the new breed of digital risks.

Event Recording
Impressions from the EIC 2015
May 08, 2015

Thank you for attending the EIC 2015. See you next year!

Event Recording
Kuan Hon, Dr. Karsten Kinast - The EU Draft General Data Protection Regulation: Where are we and what can we expect?
May 15, 2015

Keynote at the European Identity & Cloud Conference 2015

Event Recording
Mapping the Changes in Data and Identity Risk Landscapes
May 16, 2015

Well-managed organizations address unique and emerging risks, such as networked data and identity-related risks in the context of their overall risk profile, and seek to implement solutions that can cost-effectively address organizational risk at multiple levels. As new online and networked system risks associated with data and identity handling systems have surfaced, pre-existing risks still remain relevant; and together they vie for the attention of managers around the world, causing them many sleepless nights. How are emerging risks similar to and different from traditional risks faced by enterprises? How can traditional risk mitigation strategies inform, or mislead, managers seeking to address emerging risks?

Event Recording
Andrea Servida - Boosting Trust in the Digital Market: the Role of eIDAS Regulation
May 14, 2015

eIDAS Regulation 910/2014 on electronic identification and trust services provides the legal framework for the cross-border recognition of electronic identification means, ensures the legal certainty and interoperability of trust services (namely electronic signatures, electronic seals, electronic registered delivery services, electronic time stamp and web site authentication) and establishes the non-discrimination of electronic documents vis-à-vis their paper equivalent. The presentation focuses on the role of eIDAS in realising the digital single market and on the actions at the EU level to support the uptake of electronic identification and trusts services and the Regulation in the EU.

Event Recording
Stefan van Gansbeke - One Step Closer to the Unhackable Enterprise
May 17, 2015

The threat landscape became wicked and rougher. Governments are desperately  trying to fight the cyber threats. But their efforts will  never satisfy the needs. As a company, community or individual you remain a vulnerable target. Applying a layered information security strategy can effectively reduce your risk exposure. Define your drivers and long term security goals; involve your  stakeholders; engage your customers, employees and suppliers; clearly communicate and achieve your targets by implementing the security roadmap are the key steps for becoming a security intelligent company who will be better protected against the next attack.