Event Recording

Policy-Driven IGA – Why This Approach Produces Better Outcomes

Show description
Speaker
Sanjay Nadimpalli
Founder and CEO
Tuebora Inc
Sanjay Nadimpalli
Sanjay founded Tuebora with the firm belief that application of Machine Learning and use of Natural Language interface to IAM can significantly reduce costs, boost organization productivity, enable better security and eliminate burden of administration.  His desire for innovation in this...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
AI Governance & Regulation - How to Prepare for the Inevitable
May 12, 2023

For many years public concern about technological risk has focused on the misuse of personal data, with GDPR, most hated and loved at the same time as one of the results. With the huge success of LLMs and generative AIs such as ChatGPT,  artificial intelligence soon will be omnipresent  in products and processes, which will shift regulator´s attention to the potential for bad or biased decisions by algorithms. Just imagine the consequences of a false medical diagnose, or of a correct diagnose created by an AI and then not accepted by the doctor. Not to mention all the other fields where bad AI can be harmful, such as autonomous cars or algorithms deciding on your future credibility. Inevitably, many governments will feel regulation is essential to protect consumers from that risk.

In this panel discussion we will try to jointly create a list of those risks that we need to regulate the sooner the better and try to create an idea on how this future regulation will impact the way we use AI in our bsuiness and private lives.

Event Recording
FIDO 2: Zero Trust in Action with Passwordless Phishing Resistant Authentication
May 10, 2023

By now, organizations are well aware of the need for better protecting data and application with modern access management and authentication.
Thales and Microsoft partner to help organizations going passwordless to fight against phishing attacks. Thales and Microsoft experts Sarah Lefavrais and Thomas Detzner will talk about the role of Fido and other phishing resistant authentication methods like CBA in achieving Zero Trust approach.

Event Recording
Identity Proofing as a Fundamental Element for Zero Trust
May 11, 2023
Event Recording
FIDO à la Carte
May 12, 2023

Finding the right passwordless solution can be a daunting task. Searching the web for a passwordless authentication solution will present many options for various use cases. With so many options, how do you choose the solution that best meets your requirements?

This presentation will help guide you through the different FIDO standards, Passkeys and provide real-world examples of how they are being used today. We'll explore the benefits of FIDO, including increased security and improved user experience, and discuss the challenges and limitations.

If you're ready to say goodbye to passwords and embrace the future of passwordless authentication, join us and learn how to find the right FIDO solution for your passwordless needs.

Event Recording
An Analysis of Global Decentralized Identifier Data
May 12, 2023

Decentralized Identifiers (DIDs) offer a unique solution for digital identity verification, allowing individuals to have complete control over their own identity and eliminating the need for a centralized registry or authority. In this session, we will explore the insights that can be gained through the analysis of global DID data. At Danube Tech GmbH, we have developed version trackers that monitor various DID methods, such as did:indy, did:ebsi, did:ion and others, collecting and storing data on DID transactions in our database for analysis. During this session, we will present the results of our latest analyses, including trends in DID transactions over time, distributions across different verification methods, and errors found in DIDs and DID documents. This information can be valuable for businesses looking to understand and utilize DIDs in their operations, as well as for individuals seeking to use DIDs for their own digital identity management.

Event Recording
Authorization Trends in the Era of Zero Trust & Web 3
May 10, 2023

In this Session we will look at the business and security benefits of moving to policy-based access controls (PBAC), how this supports a Zero Trust approach to security, and how PBAC can be practical and scalable in hybrid and multi-cloud IT environments. We will look at some of the main authorization use cases that are driving change in enterprise architecture teams. We will also share recommendations on how organizations can improve security, enhance brand trust, and deliver better user experiences.

Event Recording
Entitlements - Claim vs. Reality
May 10, 2023

The claim or desire for authorizations, permissions and the rights set in practice often have a wide divergence. Typically, more rights are assigned unconsciously than were actually required.

The resulting vulnerabilities can have significant consequences therefore, it is essential to be able to monitor the true permissions at any time, regardless of how the permissions have been set. It is almost impossible to manage monitoring manually, even in small environments. Therefore, independent automatisms that can automatically explore, analyze and report the real settings are becoming a requirement.

In this session we will show you how Cygna Labs can support you in these challenging tasks and thereby ensure and improve security in your company.

Event Recording
Market Overview: Passwordless Authentication
May 10, 2023

This session will provide an overview of the market for Passwordless Authentication products and services and will present a compass to help you to find the Passwordless Authentication product or service that best meets your customers, partners, or workforce needs. KuppingerCole´s Alejandro Leal recently published a Leadership Compass for Passwordless Authentication and examined the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing Passwordless Authentication solutions.

Event Recording
Street Cred: Increasing Trust in Passwordless Authentication
May 10, 2023

Good security gets out of the way of users while getting in the way of adversaries. Passwords fail on both accounts. Users feel the pain of adhering to complex password policies. Adversaries simply copy, break, or brute-force their way in. Why, then, have we spent decades with passwords as the primary factor for authentication? 

The industry needs to trust passwordless authentication (FIDO2). Adversaries and then criminals have circumvented our authentication controls for decades. From the very first theft of cleartext passwords to the very latest bypass of a second-factor, time and again improvements in defenses are met with improved attacks.

What holds us back from getting rid of passwords? Trust. In this session, we will propose a framework of technical controls to ensure only trusted sessions authenticate, regardless of faults or failures in any one factor, and to reassess based on shared signals (CAEP). We will share a path forward for increasing trust in passwordless authentication.

Event Recording
Identity in the C-Suite? The Role of the Chief Identity Officer
May 11, 2023

Whereas our Privacy and Security peers have top executive-level access and presence as well as often Board-level access, Identity typically does not.

Should that continue to be the case? Are the conditions right for the establishment of a Chief Identity Office… and is that even a good idea?

In this panel, Drs. Jacoba Sieders, Denny Prvu, and Ian Glazer will debate the pros and cons of the notion of a Chief Identity Officer role. Topics will include:

  • What would the value of such a role be? And how is such a role measured?
  • What would the responsibilities of said Officer be and what is the role’s remit? What are its boundaries?
  • What questions should the Board and C-Suite be asking? What should they know about identity that they don’t today?
  • How would such an Officer quantify the value of the identity infrastructure to the business?
  • Does the need for the role differ based on industry sector and geography?
  • How would this role fit with the Chief Digital Officer, Information Security Officer, and Privacy / Data Protection Officer?
  • And how would this make things better for the digital identity practitioner and the industry as a whole?
Event Recording
The Identity Security Blind Spot: MFA for Legacy Systems and Service Accounts
May 10, 2023

MFA and other identity security controls are very effective in stopping cyber attacks, and are widely used on modern apps, but until now they couldn't be applied to legacy apps, service accounts (non-human identities), command-line interfaces, OT systems and many other critical resources. These 'blind spots' are targeted in almost all data breaches and ransomware attacks, and often prevent compliance with regulations and cyber insurance requirements. Join this session to learn how your existing MFA and modern identity solutions can be extended to all these legacy assets using a new technology.

Event Recording
Best Practice: Empowering the Vision of the IoT with Decentralized IAM
May 11, 2023

How Self-Sovereign Identity (SSI) enables decentralized Identity and Access management for Things

  • The Challenges of IoT and Identity 
  • SSI key elements in a nutshell 
    • Decentralized Identifier (DID)
    • Verifiable Credentials (VC)
    • The role of blockchain / DLTs
    • How the elements work basically together
  • The SSI advantages / disadvantages in general and for IoT
  • Can SSI replace “traditional” Identity and access solutions and how? 
    • The IoT possibilities filancore enables with SSI

From SSI zero to hero – ETO`s digital & IoT transformation in practice

    • From or need to vision, strategy and IoT-SSI in operation
      • Our innovation, organization, and technology problems from back then
      • SSI as a competitive chance
    • ETO`s SSI strategy and roadmap – where we started, are and going
    • Our SSI High-Level Architecture and IoT product innovation(s) [decentralized IAM in use]
    • Our lessons learned and take-aways with SSI