Event Recording

Secrets in the Clouds: The Journey of Digital Vaults to Cloud

Show description
Speaker
Anil Bhandari
Chief Mentor & Thought Leader
ARCON TechSolutions
Anil Bhandari
Anil Bhandari is an inspired innovator, technologist, and thought leader in Information Risk Management. He serves as a Mentor & Thought Leader and provides his invaluable insights for the future growth and development of ARCON. He mentors the product technology roadmap with his insightful...
View profile
Playlist
European Identity and Cloud Conference 2021
Event Recording
"That’s Not Fair!": Detecting Algorithmic Bias with Open-Source Tools
Sep 15, 2021

The harm that the misuse of AI/ML can have is obvious, from the ProPublica Recidivism piece from 2016 to the latest discovery of bias in facial recognition classifiers by Joy Buolamwini.

 

The need for tools to use AI/ML ethically is concentrated in two particular areas: transparency and fairness. Transparency involves knowing why an ML system came to the conclusion that it did—something that is essential if we are to identity bias. In some forms of ML, this is difficult. We’ll cover two tools to assist with transparency: LIME and SHAP. We’ll highlight where each of these tools performs well and poorly, and provide recommendations for utilizing them in unison where appropriate.

 

Once transparency is established, we’ll pause to evaluate potential sources of bias that would affect the fairness of a particular algorithm. Here the number of tools available is far-reaching. We’ll start with an explanation of bias metrics, explaining the roles that true/false positives and true/false negatives play in calculating various accuracy metrics. The basics of fairness established, then we will explore various tools used against a few, publicly available sample ML implementations. Tools in this review will include: Aequitas, AIF360, Audit-AI, FairML, Fairness Comparison, Fairness Measures, FairTest, Themis™, and Themis-ML. We’ll compare these tools, providing recommendations on their usage and profiling their strengths and weaknesses.

Mike Kiser, Senior Identity Strategist, SailPoint
Event Recording
What are the benefits of handling external users in IGA?
Sep 15, 2021

Most of the companies today are handling all external users with HR processes using HR systems, which can cause friction and inefficiency when managing external users' lifecycle. 

Lauri Reunamäki, Partner, Business Operations, Lempinen & Partners
Event Recording
Balancing User Experience, Privacy and Business Requirements – Learnings From Social CRM
Sep 14, 2021

Based on our research about critical privacy areas in Social CRM I could present solutions and discuss further potentials provided by upcoming technologies and resulting requirement on privacy management systems.
Social CRM is a bit special as indeed many applications and processes areas are still in legally grey area, without established and accepted standards. Users tend to ignore this fact as many applications and process provide a value for them and/or are comfortable. Based on this specific setup I could build up the discussion and presentation.
This presentation would be more a discussion to show potential solutions and not the presentation of a specific solution

Dr. Olaf Reinhold, Board Member, Researcher, Social CRM Research Center e.V.
Event Recording
PAM 101
Sep 15, 2021
Paul Fisher, Senior Analyst, KuppingerCole
Event Recording
The State of Strong Authentication
Sep 15, 2021

The FIDO Alliance was launched in 2013 with the audacious goal: to change the very nature of authentication. To move the entire world away from usernames and passwords and traditional multi-factor authentication with an open and free web standard that makes authentication simpler and stronger. It’s 2021, so why are passwords still persisting? The session will answer that question, and detail the progress that has been made towards standardizing strong authentication and the opportunity for companies to start on a journey past passwords.

Join Andrew Shikiar, executive director of FIDO Alliance, as we look the past year from the FIDO standards lens, including:
-- The impacts of Covid-19 on digital transformation plans and securing remote workforces & where strong authentication has fit in
-- Progress global organizations have made toward going truly passwordless
-- Considerations for strong authentication when seeking compliance with regulation such as PSD2 SCA
-- What other areas, such as identity verification, that need to be strengthened to better secure the web

-- Attendees will understand how a global pandemic affected companies' digital transformation plans, including strong authentication projects

Key Takaways: 


-- Attendees will learn the status of efforts to standardize strong authentication, and where support stands today
-- Attendees will be able to analyze their strong authentication options for complying with regulation like PSD2 SCA
-- Attendees will be able to explain how identity verification and authentication relate, and efforts in motion to better secure both areas

Andrew Shikiar, Executive Director and Chief Marketing Officer, FIDO Alliance
Event Recording
From top-down ecosystems to collaborative ones
Sep 14, 2021
Traditional identity and access management solutions built so far on the trust for selected identity providers and their adoption from an ecosystem of identity owners and identity verifiers. The decentralized identity paradigm is disrupting these ecosystems and required more democratic collaboration and competition among a number of identity and credential issuers, identity owners, and verifiers selecting and using them. This requires not only to design and implement new technologies but also to identify new business opportunities and business models. Collaboration, experimentation, and evaluation are the road to adoption, and the EU collaborative H2020 research and innovation framework offers the opportunity to de-risk such collaborations, in favor of innovation.
This talk will present the activities and lessons from three EU collaborations, CityExhcange, ENSURESEC and ORCHRESTRA, generating innovation with the adoption of decentralized identities for individuals, things, and organizations among complex stakeholders ecosystems in the smart energy, e-commerce, and smart transport domains.

 

Dr. Michele Nati, Head of Telco and Infrastructure Development, IOTA Foundation
Event Recording
Identity is the New Blue
Sep 13, 2021

Blue is the world’s most popular color.

But this was not always the case. Originally, it was little used in art and clothing, and in turn, had little symbolic cultural value. In the course of a few key decades, however, blue overcame obstacles of sourcing and production, and its popularity exploded—rising to represent some of the highest values of society.  Subsequently, a wave of innovation democratized the color, placing it in the hands of “normal people” and cementing its cultural legacy.

Identity finds itself on a similar path. After a period of relative obscurity, identity has begun its rise over the past decade—but the journey is just beginning. Like blue, it faces challenges to its ascendancy—both practical and ethical. We’ll extract lessons from the trajectory of the world’s most popular hue and seek to apply them to the arc of identity.

The color of the world is changing once more.

Event Recording
Bad things that Can Happen
Sep 14, 2021

Disclaimer: The speaker at this session has not been involved either directly or indirectly in the work in the aftermath of any of the Ransomware attacks described in this session. All of the information from the cases is based solely on data that is in public domain.

Bjarke Alling, Chair, National Danish Cybersecurity Council
Event Recording
Panel | APIs - Where Security Meets Identity Management
Sep 14, 2021

Traditional IAM models have focused on users, policies, and roles, which met the needs of web applications in years past but as application development has evolved to APIs, an innovative approach to identity management is required. It is no longer just users, roles, and permissions. APIs must be integrated into the identity and access management framework to ensure adequate governance and security.

Within an API there is a requestor (often on behalf of a user), a service (API), and the data that is being passed. All these entities in the transaction require unique identity and authorization; without identity, compliance and enforcement mandates cannot be met effectively and without authorization, there is a free-for-all on your APIs reminiscent of Cambridge Analytica and Facebook.

In this session, we will look at how rapid digitalization (first and third-party APIs + multi-or hybrid-cloud environments) has complicated security efforts, the role of API integration in data governance, and how companies can best navigate the heightened cyber-threat environment we find ourselves in today.

- Why API security requires more than traffic policy management and course-grained enforcement.
- Why APIs need to be integrated into the identity and access management framework to ensure adequate governance and security.
- How companies can reduce the burden on developers to allow for a proactive approach to API security instead of reactive.

Nathanael Coffing, Co-Founder, CSO and Board Member, Cloudentity
Gal Helemski, Co-Founder & CIPO, PlainID
David Martinache, Manager, Wavestone
Fabian Süß, Project Manager, KuppingerCole
Event Recording
Panel | Mastering the Security Challenge for AI
Sep 14, 2021

Artificial Intelligence (AI) has been boosting innovation and creating a whole new wave of business models. With its rapid expansion into most use cases in many industries, a new threat landscape is evolving and as such presenting tough challenges to cybersecurity teams. With its huge impact on the way we interact with technology, the need for good practices and high standards in securing AI infrastructures is becoming a priority. In this panel session, we will    

  1. Identify and describe common AI security threats
  2. Talk about data quality, integrity and reliability
  3. Discuss AI risk mitigation strategies
  4. And look into the human factor of AI security
Anne Bailey, Analyst, KuppingerCole
Dr. Barbara Mandl, Director Cybersecurity, FOSTER FORE
Lex Tan, CEO & Founder, MotionsCloud
Event Recording
Introducing ESSIF-LAB - The European Self-Sovereign Identity Framework Lab
Sep 14, 2021
Drs. Jacoba C. Sieders, Member Of The Board Of Advisors, EU SSIF-lab
Event Recording
Why must CISOs and security leaders let IAM drive their cloud security adoption?
Sep 15, 2021

As organizations expand their cloud footprint to accelerate innovation and digital transformation, increased security risks pose an imminent and elevated threat to their growing cloud presence. The market is overwhelmed with numerous security technologies, approaches and frameworks for securing an organization’s cloud adoption journey, but security leaders and architects must meticulously assess the security risks associated with their cloud usage, migration patterns and digital interactions with customers, employees and partners to suite their business requirements and cloud security priorities.

Identity and Access Management (IAM) remains one of the key security disciplines to support digital transformation and cloud adoption objectives, by not only providing a secure identity and access foundation for the user, device and cloud-service types but also by offering additional cloud-specific security provisions that include cloud access management, cloud entitlement management, cloud privileged access and cloud access governance to its evolving technology portfolio.

In this session, we will discuss the important security tenets of an organization's cloud adoption program and how effective IAM architecture and planning can help navigate CISOs and security leaders through their cloud adoption journey.

Anmol Singh, Sr. Cloud Security Advisor, Microsoft