Virtual Conference

Identity and Access Management: Rethinking your organization’s approach to credentials and permissions

On-Demand Event Tuesday, June 29, 2021 - 10:45 AM EDT

Earn up to 6.5 CPE credits by attending this virtual conference.

Insider threats are among the most difficult cyber risks to detect and prevent — and getting identity and access management (IAM) right is an essential step in keeping threats at bay. The shift by many organizations to predominantly remote workforces has compounded the issue, with larger organizations especially vulnerable as the number of entry points to their networks has increased.

From strong authentication protocols to behavior monitoring capabilities, next-generation identity and access management solutions are showing the way forward. An effective IAM approach will enable security organizations to separate signal from noise — managing and resolving a broad range of exceptions and system-admin failures. It also must fit your organization’s culture and operating model. On June 29-30, SC Media convened an all-star team of identity security experts to discuss the role of identity and access management in rethinking your organization’s approach to insider threats. Topics include:

  • The fundamentals of Identity and Access Management
  • Tools and software that help combat insider threats
  • Why insider threats aren’t just tied to malicious employees

Register today for a fresh look at your organization’s approach to IAM, and its exposure to insider risk.

AGENDA

Day 1

10:45 AM ET 
Program opens
 
11:00 AM ET 
KEYNOTE | IAM in the age of remote work
Tee Patel, COO and vCISO, Iron Oak Security  

A vast number of organizations have changed their culture, due to the pandemic, where working remotely has become the norm. This poses opportunities and risks. It also creates a variety of challenges: Prolonged lockdown mandates have prevented critical staff from visiting their offices. Providing remote access for assistance, support and mandatory audit requirements can be challenging. Plus, many organizations have yet to implement identity verification processes internally. Clearly, it is essential for organizations to simplify these and other identity and access control challenges. 

Join Tee Patel, from Iron Oak Security, in this keynote session to learn: 

  • How to implement and simplify access control, identity verification and authorization 
  • Strategies to navigate complex privacy requirements in a globally distributed workforce 
  • Tips to maintain resilience 

11:30 AM ET 
Visit exhibit hall

11:40 AM ET  
Using cloud-based identity services in a zero-trust world – Is it safe?
Steve Schmalz, Field CTO at SecurID an RSA business 

In our cloud-based world, more organizations are looking to obtain their IT services from cloud providers. Should they also look to obtain core security services like authentication and access control from the cloud? This talk will address this question and discuss the various advantages and security challenges such a process entails. 

12:10 PM ET 
Visit Exhibit Hall

12:20 PM ET 
Securely delight your customers with Okta Devices 
Tanvir Ahmed, Sr. Product Manager, Devices Sphere, Okta  
Aakash Mehta, Product Manager, Mobile Platforms, Devices Sphere, Okta 

As the world increases towards a mobile-centric digital landscape, providing differentiated security and user experience across mobile and digital channels is pivotal. What’s not to love when users leverage their mobile device to securely authenticate into any digital channel or authenticate without the pain of passwords. Furthermore, you can feel satisfied that you have accurately identified a user’s device.  

In this session, we will explore end-to-end device use cases using Okta Devices SDK, API, and Device Grant Flow story touching upon how Okta enables you to securely authenticate/transact on various devices. We plan to also touch upon some of the upcoming work for the SDK, Transactional MFA etc. We hope customers get a good understanding of how to leverage Okta in their overall CIAM unmanaged device strategy. This session will likely include an MVP demo using the Devices SDK. 

12:50 PM ET
Visit exhibit hall

1:00 PM ET
You can’t phish an empty pond – How passwordless is the next essential step in your zero-trust journey 
Richard Archdeacon, Advisory CISO, Duo Security at Cisco 
Josh Green Technical Marketing Engineer, Duo Security at Cisco 

We have all heard how important zero-trust is to our organizational security, but most of us are still carrying around some baggage from a past relationship: the password. Let’s talk about how to get that obstacle out of your zero-trust path. Where does passwordless fit logically? How, and more importantly, where will it work? 

Join Duo advisory CISO, Richard Archdeacon, and technical marketing engineer, Josh Green, for answers to these questions and more. 

1:30 PM ET  
Visit exhibit hall

1:40 PM ET 
Transform your corporate network to meet today’s business needs 
Barry Fisher, Director of Zero Trust Product, Cloudflare

When applications and users left the walls of the enterprise network, security teams had to compromise on how to keep data safe. Those location-centric methods of securing employee traffic – like on-premise VPNs, firewalls, and web proxies – have broken down under pressure, leaving companies with limited visibility, conflicting configurations and excessive risk. 

As security teams navigate ongoing transformation, it’s imperative to consider security controls that are unified, scalable, easy to manage and won’t introduce latency. Join Barry Fisher, director of zero trust product at Cloudflare, as he shares how your organization can transform your corporate network to meet today’s business needs. 

In this presentation, we’ll discuss: 

  • Recommended approach to adopting SASE 
  • How to protect applications with identity, posture and context-driven rules 
  • How to verify, filter, isolate and inspect a single pass with the fastest end-user experience in the industry 
  • The fastest zero trust browsing and application access platform 

2:10 PM ET 
Visit exhibit hall

2:20 PM ET 
Security challenges with digital coworkers
Larry Chinski, Vice President, Global IAM Strategy, One Identity by Quest

As organizations continue to grow, especially through acquisition, the adoption of tools to automate processes to augment workers has become increasingly popular. In an effort to increase the operational efficiency that tools such as Robotic Process Automation provide, the security element is oftentimes forgotten. Join One Identity’s Larry Chinski to discuss threats that digital coworkers pose in an organization and how to mitigate them. 

2:50 PM ET
Visit exhibit hall

Day 2 

10:45 AM ET 
Program opens
 
11:00 AM ET  
KEYNOTE | How to keep up in IAM’s era of new possibilities 
Bob West, Chief Compliance Officer, Metal

The concepts and technologies behind identity and access management have repeatedly changed over time, but the COVID-19 pandemic greatly accelerated the need for further evolution and progress. As we enter this new epoch in the history of IAM, it’s important to know what challenges and what opportunities lie ahead. In this keynote Q&A session, Bob West, chief compliance officer for the payment app Metal, will explain how today’s security professionals will need to consider how IAM is changing in light of such developments as migration to the cloud, passwordless authentication, biometrics and more.

11:30 AM ET 
Visit exhibit hall

11:40 AM ET  
The path to zero trust: A security paradigm shift 
Christopher Hills, Senior Security and Architecture Engineer, BeyondTrust 

As the traditional perimeter continues to blur, the more zero trust comes into focus. The seismic shift to remote working and shift to the cloud have also accelerated the demise of the traditional perimeter and is driving an increased focus on zero trust. Many organizations have begun to embrace zero trust frameworks and are building these into their security strategies. Understanding your barriers to zero trust will also help you forge the best path to optimally securing your environment, including upgrading from legacy applications and architectures to ones that support zero trust.  

In this session we will explore: 

  • What zero trust is and how NIST defines it 
  • The goals of zero trust 
  • Roadblocks to zero trust 
  • How privileged access management can help enables zero trust. 

12:10 PM ET 
Visit exhibit hall

12:20 PM ET  
Leveraging IAM for effective and efficient threat mitigation  
Lonnie Benavides, Head of Infrastructure and Application Security, OneLogin 

There’s no question that the current cybersecurity landscape is constantly shifting and evolving as new threats and security solutions emerge. Increased cyber-attacks and distributed workforces have created new challenges that require innovative solutions. 

Faced with the challenge of managing identities and securing access to data and applications from a growing number of endpoints, what are the fundamental controls organizations need to maintain business continuity and secure their remote and hybrid workforce? 

Hear from Lonnie Benevides, head of infrastructure and application security at OneLogin, for a discussion on practical information and advice regarding the utilization of identity and access management solutions to effectively mitigate modern cyber threats to your business. 

12:50 PM ET  
Visit exhibit hall
 
1:00 PM ET
Why entitlements are essential to securing your cloud infrastructure 
Or Priel, VP Product Management, Ermetic

This year more than ever before, everyone is ramping up their cloud use. Do you know what to prioritize to protect your cloud infrastructure from risk? 

By 2023, 75% of cloud security breaches will be due to inadequate management of identities, access and privileges [Gartner]. Understanding, remediating and preventing risky and excessive permissions to resources is the new priority for any organization shifting to the cloud. The challenge is enormous, with the number of services exploding and access permissions in the thousands. Multi cloud makes life even more complex for security practitioners given that every CSP has a different approach to permissions management. 

Join Ermetic’s Or Priel, VP product management, to learn how to manage identities and privileges, build least privilege policy and reduce risk in AWS and Azure. We will cover: 

  • Azure’s RBAC vs AWS’s IAM roles and policies 
  • Governing access and protecting sensitive resources 
  • Strategies for enforcing least privilege 
  • Automation and analytics in mitigating risk across clouds 

1:30 PM ET  
Visit exhibit hall

Sponsors

BeyondTrustCloudFlareDuo SecurityErmeticOktaOne IdentityOneLoginSecureID at RSA
0%