Identity Management Day 2023

Keynote Panel: Identifying What's Wrong with Identity
Everything uses an identity. We still have identity-related breaches. Why? Every aspect of your activities is based on your identity. What you see and do online occurs because your identity and authentication determine your access authorizations. Join us to dive into what we need to be doing to support and manage identities and how we can prevent the problems that come from identity compromises. Some topics of interest will be Privacy, Zero Trust, Passwordless, Artificial Intelligence, and Security 101.

What You Will Learn
– Identify the key components for your strategy on identity management and protection.
– Look for the latest in processes and technologies in identity management.
– Go back to the basics and employ fundamental security practices.
– Know where to look for new trends in identity and identity management.

With official government-led digital recognition and ID systems gaining ground in the EU, what is the path forward in the United States? How can we safeguard privacy, prosperity, and liberty while securing the digital identities of the future? In this wide-ranging discussion full of international examples and case studies, we will discuss the incoming tide of identity management innovation and how we can work together to build a more secure interconnected world.

What You Will Learn
– What the international digital identity landscape looks like today.
– How to safeguard privacy while securing digital identities.
– What these systems could look like in the U.S. and what the public reaction could be.

Effective identity management ensures security for systems and people, enhancing privacy and enabling efficient digital experiences for businesses and individuals. IDPro helps its membership of identity professionals collaborate on best practices to develop and maintain effective digital identity management tools. In this session, we asked our members to share their most effective IAM practices for protecting and securing digital identity.

Join Heather Vescent, IDPro President and Executive Director, and guests who will share their best practices to create IAM excellence and address identity challenges within their organizations.

What You Will Learn
– Best practices to build your IAM team.
– Growing your IAM talent pipeline.
– How to address typical organizational challenges.

How mature is your Identity Security program? Are you prepared to respond quickly to evolving cyber threats and regulatory guidelines? A recent global survey of cybersecurity professionals indicates that a successful Identity Security strategy is based on the completeness of the four tenets – tools, integration, automation and continuous threat detection and response. We will discuss the findings and recommendations on how organizations can advance their Identity Security program.

What Will You Learn
– Top 3 Identity Security challenges and investments priorities.
– 4 tenets of Identity Security maturity.
– How to prioritize initiatives for measurable risk reduction.

Hackers don’t break in—they log in. Passwords are too easy to compromise, and even early generation MFA strategies can be subject to phishing attacks. Even when authentication strategies are successful, valid users and machines can be prevented from doing their jobs because of new and complex security processes. In 2023, cybersecurity executives must take action to enhance their authentication practices, but the path forward can be daunting. Join Axiad’s session to learn what critical steps can be taken today to implement a Zero Trust strategy with phishing-resistant and passwordless authentication.

What You Will Learn
– Taming complexity with a holistic approach to authentication.
– Avoiding common pitfalls when implementing a phishing-resistant strategy.
– Reducing end-user friction with real passwordless solutions.

In this tight budgetary environment, getting the maximum value from your investments is more important than ever. The same is true for your investments in identity security. Join this session to hear identity security practitioners, architects and leaders share practical advice and strategies to make your identity program effective and to maximize ROI.

What You Will Learn
– Strategies for minimizing Identity program costs and maximizing ROI.
– Tips on getting the people and process aspects right.
– How to make identity security understandable, useful and effective in your organization.

Everyone knows that MFA provides better protection against hackers than just SSO and 2FA alone. But even when cyber insurance requires organizations to use MFA, few have done so as it results in poor user experience and increased MFA bombing attacks.

Enter invisible MFA as part of the passwordless continuous authentication. It has all the security, but none of the friction of its legacy predecessors. Attend this webinar to learn what true invisible MFA really is and how you can deploy it in record time and save $28M / year (on average).

What You Will Learn
– The differences between legacy MFA and the latest invisible MFA technology.
– Best practices on how to best evaluate Authentication vendors.
– Armed with intelligent MFA, learn how you can effectively fight the two-front war of poor security and sub-optimal user experience.
– Customer tips and tricks on how to deploy invisible MFA as part of the passwordless continuous authentication in record time, save money, and attain the highest user adoption rate.

Operational resilience today depends on your ability to prevent and quickly recover from disruptions caused by cyberattacks. As Gartner notes, “misused credentials are now the top technique used in breaches…. attackers are targeting Active Directory and the identity infrastructure with phenomenal success.” Active Directory (AD) has long been a prime attack vector because of security vulnerabilities and misconfigurations that cybercriminals love to exploit. But by deploying a strong Identity Threat Detection and Response (ITDR) strategy, you can identify and address AD and Azure AD vulnerabilities, hardening your defenses against identity-related attacks and improving operational resilience.

What You Will Learn
– Why ITDR is key to operational resilience.
– Common tactics that threat actors use to target AD/Azure AD as an entry point into your environment.
– How to detect vulnerabilities in hybrid AD environments, including indicators of exposure (IOEs) and indicators of compromise (IOCs).
– How to guard against attacks that bypass traditional logging methods.
– How to ensure, a fast, clean AD forest recovery post-attack.

Everyone agrees it's time to kill the password to better the overall identity ecosystem, but the question of “with what” makes things a bit trickier. FIDO Authentication standards are touted by the public and private sectors as the best tools to get us there.

Join this session to understand the importance of the authentication piece of the identity puzzle, find out about the latest trends and standards for simpler and stronger authentication, and learn what we all need to do to reduce the world's reliance on passwords on a global scale.

Zero-trust architectures demand better control on sessions that live across distributed cloud services. Open Standards such as OpenID Shared Signals and CAEP are helping companies improve session control by passing asynchronous events between services. This session will discuss real-world use cases drawn from existing and planned implementations of the protocol standards.

What You Will Learn
– Standards-based solutions to zero-trust use-cases.
– Features of the existing standards: SSF, CAEP and RISC.
– Industry adoption.
– How to adopt or implement.

In this talk, we’ll look at how a modern approach to Identity Management is a critical enabler of Zero Trust. Gone are the days where identity can focus solely on managing access within a safe perimeter. Now, its on the front lines of one’s infrastructure and needs to be treated as such. In this talk, we’ll look at steps CISA has been talking to develop a defensible security foundation through investments in identity management and how that fits into our broader push for a more secure by design technology fabric.