Event Recording

Identity in the C-Suite? The Role of the Chief Identity Officer

Show description
Speakers
Allan Foster
Chief Evangelist
Emeritus
Allan Foster
Allan Foster has helped build ForgeRock into a multinational identity software vendor with offices on four continents. Allan’s deep technical knowledge has been well used in all aspects of the business while at ForgeRock, with responsibilities in Support, Engineering, Product Management,...
View profile
Ian Glazer
Founder
Weave Identity
Ian Glazer
Ian Glazer is an accomplished IT Thought Leader and Product Management Executive with extensive experience in identity management, privacy, compliance, and access governance. He is a strategic leader who has directed and executed product strategy, managed partner relationships, and driven...
View profile
Denny Prvu
Director of Architecture - Innovation and Technology
Royal Bank of Canada
Denny Prvu
Denny Prvu has been fortunate enough to work around the world with public and private sector organizations as a strategist, architect, and communicator on identity, security, and privacy topics for over 20 years.  Experience by working on standards and active contributions in areas...
View profile
Drs. Jacoba C. Sieders
Consultant, Strategic Digital Identity
Independent
Drs. Jacoba C. Sieders
Jacoba is a digital identity expert, eager to make digital life better and a lot more secure than it is today. Keynote speaker at international IAM congresses and teacher of masterclasses.  After twenty years in leading Identity positions at four multinational banks, Jacoba now focuses...
View profile
Candace Worley
Chief Product Officer
Ping Identity
Candace Worley
Candace Worley joined Ping Identity as Chief Product Officer (CPO) in May of 2020. As CPO, she is responsible for advancing global product vision, leading technical product innovation efforts and bringing the company’s identity solutions to market. Candace has over 25 years of enterprise...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Why the Cyber Security Managed Service Market Needs a Twist?
May 10, 2023

The Cyber Security Market has developed quite significantly within the last decade. The scarcity of expertise in the market, the increased number of attacks, the lack of leverage of product implementation ROI are a number of topics we will shortly address in this session. Why it is going to be key that companies should consider an outcome-based managed services going forward.

Event Recording
Why Active Directory is the Prime Cyber attack Target - and what to do about it!
May 10, 2023

For more than two decades, Microsoft Active Directory (AD) has been the de facto method organizations use to authenticate and authorize users for access to computers, devices, and applications within a company’s network. Most companies still rely on it and have further extended its reach into the cloud by synchronizing their on-prem AD with the Microsoft Azure AD to allow proper SSO to cloud-applications by their users. AD is celebrated for its extensive compatibility with various applications and Windows editions, but that compatibility comes with security downsides.

Compromises of Active Directory can occur as an entry point leading to a further attack or can arise at various other points along the kill-chain following an initial compromise via some other mechanism. Even in cases where a compromise is gained following an attack on applications or infrastructure directly, it is frequently infeasible for an attacker to progress further without elevating privileges, making Active Directory a primary target in an overall breach strategy.

It is therefore important that Active Directory defense tools are paired with a wider Zero Trust and XDR approach to provide full visibility over organizational infrastructure, enabling security teams to accurately identify the point of origin of an attack, and to perform the containment and remediation actions required to neutralize and prevent reoccurrence of an attack.

Join Principal Technologist, Guido Grillenmeier, to discuss AD access points used in recent cyberattacks, security risks to watch for in managing AD with Azure AD, how to look for warning signs that AD has been compromised and steps to take in the event of an attack.

Event Recording
Best and Worst Practices of Digital Wallets User Experience
May 10, 2023

Digital identity wallets are central components for Decentralized and Self-Sovereign Identity (SSI) approaches. They are the interface for users to manage their identities and gain access to services. Hence, the usability and user experience of these wallets is pivotal for the adoption of those popular and privacy friendly identity management concepts.  This talk will summarize research findings into naming some of the Best and Worst Practices to be considered in the further development of the user experience of Digital Wallets.

This talk would highlight multiple studies, publications, and projects that I have done on this topic.  However, if you would prefer another topic, I could propose another talk idea that would be related to other identity topics in either the Digital Wallets, mGov/eGov Services, or Trust Management.

Event Recording
Zero Trust in an Industry Where Trust is Key
May 11, 2023

How does a Financial Institution deploy a Zero Trust Model where employees and consumers need access to so much vital data in near real time.

Event Recording
Building the Roadmap for Your Future IAM | Workshop
May 09, 2023
Event Recording
The Human Impact of Identity – Women in Identity Code of Conduct
May 11, 2023

Women in Identity strongly believes there is a need for a global Identity Code of Conduct to address identity exclusion—being excluded from access to identification credentials — that subsequently leads to exclusion from financial services and products.

The Women in Identity team are half way through their research project with the current phase focused on the development of the code of conduct.

This panel will share early look at the guiding principles that will ensure all users of digital identity systems have a consistent and high-quality user experience.

Event Recording
A Sovereign Cloud for the German Government
May 11, 2023

You will learn about the Sovereign Cloud for the German Government, this solution is based on Azure and operated by Delos Cloud Gmbh

Event Recording
Together. Stronger. Why Community is Important
May 10, 2023

There are many benefits when we cross over the silos of vendors, clients and service providers

In this panel discussion, we will talk with community leaders in our industry about the benefits of community, how the power of community extends beyond peer-to-peer support, and accelerates business innovation, grows market share, and increases customer retention. 

We will also talk about how they work to foster and engage the greater community,  and why you should get envolved.

Event Recording
An Analysis of Global Decentralized Identifier Data
May 12, 2023

Decentralized Identifiers (DIDs) offer a unique solution for digital identity verification, allowing individuals to have complete control over their own identity and eliminating the need for a centralized registry or authority. In this session, we will explore the insights that can be gained through the analysis of global DID data. At Danube Tech GmbH, we have developed version trackers that monitor various DID methods, such as did:indy, did:ebsi, did:ion and others, collecting and storing data on DID transactions in our database for analysis. During this session, we will present the results of our latest analyses, including trends in DID transactions over time, distributions across different verification methods, and errors found in DIDs and DID documents. This information can be valuable for businesses looking to understand and utilize DIDs in their operations, as well as for individuals seeking to use DIDs for their own digital identity management.

Event Recording
Modern Authorization Panel - Going Beyond RBAC
May 10, 2023

Every cloud-native application needs some form of access control. Most applications provide role-based access control (RBAC), which has limitations when it comes to enterprise scale and fine-grained access control. 
Zero trust architectures require us to go further. Following the principle of least privilege, modern cloud apps can implement just in time authorization with fine-grained controls. With a fine-grained model, access rules can be defined on the application’s resources, often down to individual items. And a just-in-time model helps ensure the user has access to what they need, when they need it.

Two ecosystems are emerging around modern authorization: Policy-as-code and policy-as-data. Open Policy Agent (OPA) brings a policy-as-code approach to fine-grained authorization, and Google’s Zanzibar is the most known representative of the policy-as-data camp.
Join the panelists to discuss new developments in modern authorization, and compare the strengths and weaknesses of policy-as-code and policy-as-data as foundational models for a robust access control system.

Event Recording
Open Banking and Open Data - Global State of Play. Current Trends and Recent Developments
May 10, 2023

Open Banking is a true global movement that has already been implemented in many countries and being implemented in many others in the next few years. While the overall objective of Open Banking is the same, every implementation is different. This session will provide an overview of analysis of different ecosystems, different approaches to implementation, industry standards used, best (and worst) practices and potential future developments.

Identity and API security are key building blocks for any trust ecosystem supporting Open Banking. We will explore why every Open Data project becomes an identity initiative.

Event Recording
Breaking the Status Quo: Achieving Mature Access Governance Within Days
May 11, 2023

Securing access to data and applications has become a cornerstone of any modern cybersecurity strategy.

User access governance projects however have a history of incurring multi-year roll-outs and requiring specialized personnel, making many companies shy away and bear excessive cyber risk.

For those companies, approaching user access governance as a data problem can provide the answer. This approach effectively trims down user access governance to its essentials: low-effort data collection, user-friendly risk analytics, access reviews and plugging into the existing ITSM processes. This data-driven approach has the potential to let companies achieve mature access governance in a matter of days, not months.

In this session, Elimity CEO Maarten will give an overview of the essentials of user access governance and will showcase how this approach is successfully applied in practice by industry leaders such as Securitas, the Belgian Railroads and Federale Assurances.