Event Recording

Securing the Digital Double - The Path to a Trusted Digital Ecosystem

Show description
Speaker
Asanka Abeysinghe
Chief Technology Evangelist
WSO2
Asanka Abeysinghe
Asanka’s goal is to connect humans and technology by helping organizations implement digital transformation programs that result in consumer-driven digital applications. In his current role, Asanka drives efforts to create, refine, and enhance WSO2’s corporate reference architecture...
View profile
Playlist
European Identity and Cloud Conference 2021
Event Recording
Why must CISOs and security leaders let IAM drive their cloud security adoption?
Sep 15, 2021

As organizations expand their cloud footprint to accelerate innovation and digital transformation, increased security risks pose an imminent and elevated threat to their growing cloud presence. The market is overwhelmed with numerous security technologies, approaches and frameworks for securing an organization’s cloud adoption journey, but security leaders and architects must meticulously assess the security risks associated with their cloud usage, migration patterns and digital interactions with customers, employees and partners to suite their business requirements and cloud security priorities.

Identity and Access Management (IAM) remains one of the key security disciplines to support digital transformation and cloud adoption objectives, by not only providing a secure identity and access foundation for the user, device and cloud-service types but also by offering additional cloud-specific security provisions that include cloud access management, cloud entitlement management, cloud privileged access and cloud access governance to its evolving technology portfolio.

In this session, we will discuss the important security tenets of an organization's cloud adoption program and how effective IAM architecture and planning can help navigate CISOs and security leaders through their cloud adoption journey.

Anmol Singh, Sr. Cloud Security Advisor, Microsoft
Event Recording
The human factor in Cyber Security - Creating a cyber aware culture
Sep 14, 2021
Alex Weishaupt, Practice Lead Cyber Security, Morgan Philips
Event Recording
Building Mindset for Privileged Access
Sep 14, 2021

For most companies, privileged access management is associated with creating borders or limitations. Often organizations are forced to implement PAM due to the legal regulations and do not see it as an investment but rather consider cybersecurity as a cost center. Moreover, most employees think of it as another layer of control and make an assumption that the company does not trust them. 

Konstantin Krasovsky, Director EMEA, Indeed Identity
Event Recording
Future proofing national eID
Sep 14, 2021

How to future proof a national eID scheme where 13 registered commercial IdPs, 1 government IdP and several brokers operate?

Petteri Ihalainen, Senior Specialist, National Cyber Security Centre, Finland
Event Recording
Panel | A First-Person Account of Third-Party Identity Risk Management
Sep 15, 2021

In a 2018 study by Onus & Ponemon on data risk in the third-party ecosystem, more than 75% of companies surveyed said they believe third-party cybersecurity incidents are increasing. Those companies were right to believe that.

As our world becomes more digitized, and thus more interconnected, it becomes increasingly more difficult to safeguard organizations from cybercrime. Tack on to that challenge a global pandemic that all but forced organizations to become “perimeter-less,” if they weren’t already, and the potential access points for bad actors through third-party access increases exponentially.

The problem is two-fold.

The landscape of third-party users is vast and continues to grow. From third-party non-employees like vendors, contractors and affiliates to non-human third parties like IoT devices, service accounts and bots, more organizations are engaging third parties to assist with their business operations and help them to innovate, grow faster, improve profitability, and ultimately create greater customer value – faster. On average, companies share confidential and sensitive information with more than 580 third parties and in many cases, an organization's third-party workers can actually outnumber their regular, full-time workforce.

Yet, despite the increased use of third-party workers in business, most organizations lack the proper third-party risk culture, processes, and technologies to protect themselves against the long list of third parties with access to their sensitive data and systems. Organizations have these systems in place to manage their full-time employees but lack the same level of rigor to manage these higher-risk third-parties. As a result, many third-party users are provided with more access than needed for their roles, and most disturbingly, that access is frequently not terminated when the third party no longer needs it.

Without the right third-party identity lifecycle management procedures in place, businesses unwittingly expand their attack surface, unnecessarily put sensitive information at risk, and create additional access points for hackers.

Event Recording
Identity, Privacy, Security - The European Perspective
Sep 13, 2021

In recent years, we have seen quite a few transatlantic policy issues with regards to Cybersecurity and the way how personal information is being treated by private and public organizations. The main areas where we see these differences are data protection/privacy, standards & certification and last but not least private-public information sharing.

Event Recording
The Rise of An Identity-Native Web 3.0 World
Sep 15, 2021

Identity is a fundamental element in the traditional world to associate information to the same individuals. As we leave more and more digital footprints in the world of Internet, these information are giving birth to our digital profiles, raising issues of privacy protection, monetization of data, identity theft and more. While in this presentation, we revisit the manifestation and formation of identity in the incoming world of Web 3.0, and discover how the native citizens of Web 3.0 are forming their own identities and reputations with native behavior data that are distributed, interoperable, and self-sovereign.

Gloria Wu, Chief of Ecosystem Partnerships, Ontology
Event Recording
Panel | Digital Identities and IoT - How to Leverage OIDC and OAuth 2.0 for the Best User Experience and Security! IAM Related Experiences From the Automob
Sep 15, 2021

A lot of innovation around physical products is created by connectivity, allowing them to become part of the consumer's larger digital ecosystem and the providing enterprise. Gartner says in its megatrends for the next decade: "Anything costing more than a few USD will be "intelligent and networked". Examples are electronic wall boxes to charge cars or remote-control for dishwashers, cars, etc.
Several compelling use cases require smart things to act not only for themselves but also on behalf of the end-user. OpenID Connect and OAuth 2.0 can be used to provide a user-friendly and secure user journey. Learn about the experiences with these standards when it is about IoT and how Identity & Access Management products help to reduce time-to-market, costs, and inconsistency between different touchpoints.

Key Takeaways: 

- What are the essential protocols to bring identity and IoT together
- What are the challenges, best practices, and pitfalls of IoT projects
- Arguments for buy or build

Fulup Ar Foll, Founder and Lead Architect, IoT.bzh
Andre Priebe, CTO, iC Consult Group
Graham Williamson, Director APAC / Senior Analyst, KuppingerCole
Event Recording
Panel | Is Traditional MFA the Right Solution in a Post-COVID World?
Sep 14, 2021

The hybrid mix of remote and office work combined with digital transformation initiatives is driving the rapid adoption of cloud. This trend is also prompting organizations to rethink requirements for authenticating employees and other members of an organization supply chain. Companies are now exploring how to significantly improve both security and the end user experience. Unfortunately traditional multi-factor authentication is lacking in both areas. 

Joni Brennan, President, Digital ID & Authentication Council of Canada
Martin Kuppinger, Principal Analyst, KuppingerCole
Patrick McBride, Chief Marketing Officer, Beyond Identity
Andrew Shikiar, Executive Director and Chief Marketing Officer, FIDO Alliance

 

Discussion topics include:

  • How is the post COVID era changing the security and identity / access management landscape?
  • Should traditional MFA still be the “go to”?
  • What new requirements have emerged and why?
  • What approaches are advanced customers adopting?
  • What is the difference between Traditional MFA and newer options?
  • Is device trust important?  Why or why not?
  • What is the role of continuous, risk-based authentication?
Event Recording
Panel | Best Practices to Implement Security Automation
Sep 15, 2021
Alexei Balaganski, Lead Analyst, KuppingerCole
Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic
Christopher Schütze, Director Practice Cybersecurity and Lead Analyst, KuppingerCole
Event Recording
PAM 101
Sep 15, 2021
Paul Fisher, Senior Analyst, KuppingerCole
Event Recording
Give Me 10 Minutes, I'll Give You The Truth About Identity
Sep 13, 2021

User recognition and authentication is becoming the central element of companies' digitalisation strategy. Not only are user registration and login the first experiences users make, Identity and Access management will ultimately determine which company recognises and serves the needs of its users best and will be successful in the market.

What you can expect

  • A holistic view on identity and access management
  • A forward-looking way of thinking and
  • Progressive software architectures