Event Recording

Programming People: How to implement 'AI for good'

Show description
Speaker
Anita Klingel
Senior Consultant
PD
Anita Klingel
Anita Klingel is a public consultant, author and researcher on AI governance & regulation. She has co-authored a number of books and policy papers on the subject and currently consults public sector institutions on the ethical and legal implications of AI systems.
View profile
Playlist
European Identity and Cloud Conference 2021
Event Recording
From Day One to Hour One: IGA in the Era of Extreme Automation
Sep 15, 2021

Cloud capabilities are driving automation approaches that will upend traditional, linear templates for Identity Governance service delivery. This extends to everything from application/service on-boarding, provisioning and user lifecycle management workflows. In this session, Manoj will share his experience of working on automation approaches for cloud workloads and discuss what this means for the future of IGA in the era of continuous integration and delivery.

Suganya Balan, Manager – Privileged Access Management, Philip Morris International
Manoj Kumar, Director, Identity and Access Management, Philip Morris International
Event Recording
The impact of agile on progressing Identity Security
Sep 14, 2021

After applying an agile way of working for the last three years the Rabobank Identity & Access Management service has gone through a transformation. The increased autonomy of teams, using backlogs with prioritized epics, applying agile rituals in order to create space for growth in applying agile principles, all of these have affected how IAM services are developed and delivered. Where the arena is uncertain and customers have a somewhat-defined request the agile, iterative approach works. Yet where the arena is regulatory governed and compliance driven an agile approach works less. The impact of incidents in a 24x7 security service immediately reflects itself on the development of the service when a devops team is used. The strain between waterfall project management and this agile approach is not instrumental but conceptual. Aligning expectations with the wider organization is a challenge in itself. This presentation will demonstrate the pros and cons of agile on IAM.

Agile pitfalls
Alignment with the wider organization (using waterfall and deadlines)
Where agile works well and where it does not
Countering the management drive for 'new and improved', whilst also applying agile

Henk Marsman, Lead Product Manager IAM, Rabobank
Event Recording
From Zero to Full Domain Admin: The Real-World Story of a Ransomware Attack
Sep 15, 2021
Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic
Event Recording
From a Business Centric Consent Management Paradigm to a User Centric One
Sep 14, 2021

I today's digital world (post EU DMA, DSA, DGA regulation proposals (now tabled in EU Parliament for legislative approval by 2023), GAIAx birth in Europe and eprivacy new regulations adoption, the hard line separation between personal and non personal data is blurring and companies have yet understood what this means for them. While they thought that only personal data needed to be consented, now it's all the data that need the consent log prof for each digital identity they get associated to. Europeans have also created a new "notion" of cloud (GaiaX). A cloud where data can circulate freely, can be shared and mutualised (upon consent). This will have implications. Huge implications as GaiaX carries the option to "import/acquire" data also originated from other entities (including from outside Europe). The transfer mechanism will only be possible upon user express consent, voluntarily. User will need to be incentivised to agree to share. Since transfer can only be performed by users, and with consent, that will in fact open up to a secondary data market which sees the consent log representing a "transaction event'. Hence privacy will exit the framework compliance to enter the framework of "strategy and business development'. The contextual "data" hunt can begin (vs big data paradigm which fades aways). The de-monopolisation of consumer data, too.

Insights in how the new european digital policy opens to new business (data driven) opportunities;

Explanation of what market what solutions are available (commercial) to deploy (large or small companies, pubic sector, etc) to meet this important shift in data monetization strategies

Get access to information about partnerships/research projects linked to data portability implementation

Isabella de Michelis di Slonghello, CEO and founder, ErnieApp
Event Recording
Meeting Expectations – 5 pillars for IoT project success
Sep 14, 2021

Deployment of IoT installations are accelerating as organisations seek to expand their business by adding IoT functionality to their products/service, or reduce their costs by automating processes. Unfortunately, in many cases these initiatives are not adequately executed and, as a result, do not meet expectations.

In this session we will look at 5 pillars of an IoT deployment: the Device pillar ensures we select the appropriate sensors and actuators, the Control pillar guides our decisions on controller functionality, the Communications pillar ensures we consider which options fit our required functionality and budget, the IT pillar determines the level of integration between our IT and OT environments, and the Security pillar guides our protection strategy.

A holistic approach is a success-indicator for our IoT projects.

Graham Williamson, Director APAC / Senior Analyst, KuppingerCole
Event Recording
Proactive and Polymorphic Adaptation of Multi-Cloud Deployments
Sep 15, 2021

During the last couple of years, hybrid and multi-cloud solutions are becoming very popular. With the emerging cloud options, modern enterprises increasingly rely on hybrid cloud solutions to meet their computational demands by acquiring additional resources from public clouds dynamically as per their needs.

Alicja Reniewicz, Team Leader, 7bulls.com
Paweł Skrzypek, Chief Architect, 7bulls.com Sp. z o.o.
Event Recording
Going Passwordless and Beyond - The Future of Strong Authentication
Sep 14, 2021

The onslaught of account takeover attacks from insecure passwords is driving the rapid adoption of passwordless solutions.  While the risk reduction benefits are substantial, eliminating passwords is just the first step on the path to fundamentally strong authentication.  In the “new normal” era of work from anywhere, and rapidly increasing cloud adoption, organizations are moving to a new risk-based authentication model.  Advanced organizations are validating users, their devices, and inspecting the security posture of the device for each login.  Strong and continuous authentication is a fundamental building block of Zero Trust. Learn how you can make it happen without making the user experience miserable.

 Discussion topics include:

  • New cybersecurity and identity management requirements in the post COVID era
  • Traditional MFA vs Passwordless - avoiding the “security vs. painful user experience” tradeoff
  • Device trust and the confluence of cybersecurity and identity management
  • Continuous risk-based authentication 

Takeaways:

  • Account takeovers and other attacks have increased as a result of distributed working - adopting a solution that removes passwords removes most of the risk
  • MFA has evolved beyond the traditional “password + SMS + pin” approach
  • CISO’s and IT no longer have to trade increased security for user convenience
  • Modern devices allow organizations to leverage the Secure Enclave / Trusted Platform Module for increased security
  • Continuous, risk-based authentication is a key factor in identity and access management
Patrick McBride, Chief Marketing Officer, Beyond Identity
Event Recording
Case Study: How an Entire Industry adopts Digital Enterprise Identity
Sep 15, 2021

Back in November 2013 the U.S. congress enacted the Drug Supply Chain Security Act (DSCSA). Part of the regulation is that actors within the U.S. pharmaceutical industry must verify the U.S. state license, which is issued by the U.S. Drug Enforcement Administration (DEA), status (and thus the authenticity) of every trading partner within their supply chain. And this does not stop just by direct trading partners a pharmaceutical supply chain actor might have, the regulation states, that also indirect trading partner’s U.S. state license status must be proofed.

Dr. Carsten Stöcker, Co-founder and CEO, Spherity
Event Recording
Introducing The Global Assured Identity Network (GAIN)
Sep 13, 2021
100 experts propose an interoperable scheme to create a virtual IDP.
Event Recording
Hybrid. It’s Never Only One Thing
Sep 13, 2021

New technology is often seen as a total replacement for whatever came before. This is evident in the “Move to Cloud”! However, we are almost never in a greenfield position: we must interoperate with legacy systems and the demands of the business drive towards different and competing solutions for different problems. We will discuss the challenges of a hybrid deployment, addressing multi-cloud as well as on-premises components, and how a hybrid approach to identity is required to competently address these often conflicting requirements. We will use real-world examples of hybrid solutions to demonstrate the solutions.

Event Recording
Integrating IoT With SSI-Enabled Technologies For Healthcare
Sep 14, 2021
Dr. Christos Patsonakis, Postdoctoral Research Associate, The Centre for Research & Technology Hellas
Event Recording
Using Hypermedia to Adapt Client-side Login to Go Beyond Passwords
Sep 14, 2021

There are various ways that client applications may need to log in when going beyond passwords. With a username and password, client development is easy -- just collect a couple of inputs from the user and match them on the server. When going beyond these though, how can client applications be deployed and maintained in a way that the server still dictates what the client should present and obtain from the user when authenticating them?

Travis Spencer, CEO, Curity