Event Recording

Customer-Driven, Digital-First, Trust & Value Based - The Future of CIAM

Show description
Speaker
Dr. George Beridze
Security Consulting Manager
Accenture
Dr. George Beridze
Security Consulting Manager in the Information Technology and Services industry. Specializing in Identity & Access Management. Ph.D. in Natural Sciences and certified Project and Process Manager with strong analytical, interpersonal, and communication skills. Goal-oriented and reliable...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Passwordless Primer
May 10, 2023

Passwordless authentication counts amongst the hot topics in IAM. In this session, the variants of passwordless authentication will be explained. Phishing resistance, device binding, secure elements, and many of the other technical aspects will be explained, put into context, and rated regarding their relevance for different use cases. The session also will discuss use cases and their specific needs, from simplified access to office solutions to a unified passwordless authentication for the entire IT environment.

Event Recording
The Ubiquitous Credential - Government-issued Identity in Your Phone
May 11, 2023

This decade may well be labeled “the decade of the digital credential.” From COVID passports to mobile driver’s licenses, digitized credentials transforming to “born digital” credentials, and governments and large tech companies developing their own wallets, personal information has never been easier to share with the wave of a device. The convenience is amazing, and the privacy implications are terrifying.

Even scoping the issue down to government-issued credentials or credentials directly derived from government data, there are a variety of requirements feeding into this growing ecosystem:

  • user control of data
  • data minimization
  • relying party accountability
  • extensibility to other domains
  • optional audit log of transactions and ability to assert rights (CCPA, GDPR)
  • minimization of fraud

In this session, Heather Flanagan and Mike Kiser will discuss the outcomes of the recently released white paper on government-issued credentials and the privacy landscape (publication date expected in April 2023). The issues at hand are not solely about policy, nor are they only about technology. It is about closing the policy and protocol gaps that exist between today’s disparate solutions and services and providing a vision of a privacy-preserving, globally viable privacy landscape.

Event Recording
Avoiding Accidental Architecture - Implementing Graph-Based IAM & CIAM goes Beyond Better Access Control
May 11, 2023

Graph is having its moment and rightfully so. Regulatory challenges, overly complex authorization scenarios and retrofitting legacy programs to meet new business needs are squeezing businesses. Implementing a graph-based approach can remove these obstacles and reduce risk. 

But for many businesses, this is where graph-based implementations start and stop. 

In this session, we will discuss how to turnidentity data into identity knowledge and what that can deliver. We will dive into data models that drive contextual and real-time decisions - data models which are foundational for enabling complex authorization use cases and beyond. 

Finally, we will explore the benefits of graph-based deployments in your existing environments, including the value of a holistic and visually simplified data model and avoiding the accidental architecture challenge

Event Recording
The Human Factor & Access Governance
May 11, 2023

One of the fundamental problems of identity and access governance lies in very unclear relationships between real business needs, access policies and decision making about allowing certain action on the assets. For years we are trying to develop access policies which at the same time corresponds to business expectations, digital security rules and regulations, and people-centric to minimize deviations.
In this session, we will discuss human factor in IGA program and how to provide human factor analytics in access governance using new three-dimensional model called NPR (need, policy and resolution). We will show how NPR reports will help the organization to determine necessary adjustments of the policies and their implementation in Identity Governance workflows and processes to improve maturity, decrease risk of breaches, policy deviations by users and cost of managing and enforcing policies also known as Costidity. We will also show the sample reports based on data from higher education customer.

Event Recording
FIDO2: The Train is Leaving the Station
May 11, 2023

The FIDO Alliance is working to change the nature of authentication with open standards that are more secure than passwords, simpler for consumers to use, and easier for service providers to deploy and manage. While initially focused on the consumer space FIDO2 holds advantages for the enterprise willing to break the mould on legacy authentication models.

This session will look at the components of a FIDO2 environment and investigate the options for FIDO deployments. A view of the possible future of FIDO will be discussed.

Event Recording
Cloud Signatures for the New eIDAS Wallet Ecosystem
May 11, 2023

To enhance interoperability between digital identity schemes and digital trust services across borders, the eIDAS regulation provides a legal framework for electronic signatures in the EU, defining how to use them to ensure their validity across Europe. eIDAS2 now includes plans for the creation of a European Digital Identity Wallet (EUDIW). Cloud signatures are expected to play a vital role across this new ecosystem by enabling natural and legal persons to electronically sign and seal documents and transactions with high-assurance remote digital signing certificates. Cloud signatures based on the Cloud Signature Consortium (CSC) Standard can help achieve cross-border interoperability via specifications and certification for the usage of Remote Electronic Signatures and Seals in this new pan-European digital identity ecosystem.

Join us to learn about the new CSC Standard general architectural framework in specific eIDAS context (Kim Nguyen, CSC Board Member, D-Trust) and for a technical deep-dive into the recently launched CSC Standard version 2.0 (Luigi Rizzo, Chair of the CSC Technical Committee, InfoCert).

Event Recording
Policy Based Authorization Architecture Considerations
May 10, 2023

Policy Based Authorization is becoming the new normal when it comes to identity-centric access controls. However, there is no standard approach to PBAC deployment that fits all use cases. In this session we will look at PBAC requirements for common use cases such as microservices, cloud, API, data & analytics.

Event Recording
Preparations for Smoother PAM Flight
May 11, 2023

The short abstract of this topic would be "How we can make a proper business case and ROI(Return on Investment) for PAM". Below are some of the preparations we need for a smoother PAM flight:

  1. Business Use Case
  2. Technical Use Case draft and definition
  3. Vendor selection & Role of research organisations like KuppingerCole
  4. POC
  5. ROI for management and their approval
  6. Vision, Mission & Use case selection and prioritizations
Event Recording
Together. Stronger. Why Community is Important
May 10, 2023

There are many benefits when we cross over the silos of vendors, clients and service providers

In this panel discussion, we will talk with community leaders in our industry about the benefits of community, how the power of community extends beyond peer-to-peer support, and accelerates business innovation, grows market share, and increases customer retention. 

We will also talk about how they work to foster and engage the greater community,  and why you should get envolved.

Event Recording
Access Management Trends in a Connect Anywhere World
May 11, 2023

The combined impact of the pandemic driven shift to remote work with a connect-anywhere paradigm and the ongoing digital business transformation has inspired a higher awareness of cybersecurity concerns, requiring a profound change in the way we define Access Management. 

New contact-free onboarding experiences from the workforce to the customers; the need for managing human-to-device relationships; passwordless authentication as the new normal; decentralized identities as a new way for dealing with identities; the impact of policy based access; the convergence of IGA and Access Management: All these are just some of the trends we observe. In this session, we will talk about the Access Management trends and provide guidance on how to leverage and extend your existing Access Management towards a future-proof Access Management.

Event Recording
Zero Trust Applied for Access Management - How to Control and Monitor the User Access
May 12, 2023

UX with Security in Corporate and Customer Access but including a huge monitoring approach to have the effect of Zero Trust for the users. I will Mix CIAM, Access Management, IAG and UEBA

Event Recording
From Identity Theft to Identity Threat to Identity Security
May 10, 2023

Identity has been always an ambiguous term. Identities exist in a sociocultural and organizational context and in technical ones. We have Digital Identities and eIDs and not only do individuals have identities but so do organizations and non-humans, especially in technical contexts.

Identities had been always under threat, starting with theft of individuals’ identities and credentials in the physical world, such as credit cards and passports. However, these threats have not been on a large scale. We all know that this has changed dramatically with the digitization of everyone and everything. Social engineering, phishing emails, buying credentials in the dark web have become a serious threat to businesses and individuals. These threats have reached new heights with the numerous attacks on identity infrastructures, be it corporate directories or government eID infrastructure.

In this panel, we will explore the identity threats to individuals and organizations, how they are managed, and how identity security can be achieved from a prevention, detection, and management perspective.