LSEC from Home webinars provide key insights in Identity and Access Management, cybersecurity and data protection during the COVID-19 lockdown, while preparing for recovery and beyond. By focusing on trends and developments, up and coming regulatory changes, challenges, opportunities, best practices and discussions experts and practitioners in technologies, methods, tools and solutions we present a perspective on one of the core infrastructures and cornerstones of information and system security. During the webinars we will focus on authentication, access control, identification, identity, eID, forensics, priviliged access, single sign-on, MFA, ZKP and other developments.
Registrations : LSEC ID&AM Series *
Session 9, September 24th 9AM : Access Control Architecture to Govern, Identity Provisioning and Access Managment : Identity & Access Governance, Cloud, Devices, applications, people, electronic identities as security infrastructure, by Wouter Janssen, Axl-Trax
About : Wouter Janssen CISA CISSP CISM CGEIT CRISC CFE is an IT security specialist and partner at Axl & Trax, a consultancy company specializing in security in SAP environments. Wouter has over 17 years of dedicated professional experience in IT security, Governance Risk & Compliance, Identity & Access management as well as SAP environments. He has run and managed numerous IT security projects and is a trusted advisor for several international organizations. He's a regular speaker on conferences.
Up & Coming Sessions
Session 10 : Identity Infrastructures for the Future, Kim Cameron - Microsoft, October 10th
Previous Seminars :
Session 7th : ZKT - Zero Knowledge Trust, Stefaan Van daele - IBM, AP Cloud Security CoC, Executive Security Architect
The term "Zero Trust" is popping up in most of the cybersecurity related communication from security vendors, cloud providers and consultancy firms. In this webinar we will go a bit beyond the hype and look how zero trust principles would impact the design of security solutions. From Enterprise Security Architecture level down to detailed design, zero trust should be included at each level to get most out of it. While the zero trust principles aren't new, both new product capabilities and public cloud capabilities, do allow to implement zero trust in a more efficient way than before. During the session on Thursdya 9 July at 9:00 we walk through the different sExpertisees of security design with a zero trust focus.
About : Stefaan has 30 years of experience in IT and joined IBM in 1997. Since 2001 he is a Security Architect and, in that role, he fulfilled several positions at European and global level. As security architect, he is constantly looking for ways to implement security by design but also to achieve efficient security operations in support of Enterprise Security Architecture. In his current role, as member of the European Security Competence Center, he is assisting organizations in Europe with their security transformation projects in the context of Cloud and Devops. He is also lead architect for the Zero Trust Security services initiative. He is co-author of the IBM Security Blueprint V3 redbook.
Session 6, June 4th 9AM : IAM Culture: making the new rules stick, by Hendrik Parmentier, PwC, Security Culture
Abstract: Implementing an (I/P/CI)AM programme is an undisputed necessity in any contemporary, compliant organisation. But just having the right tools and processes in place doesn't magically make your organisation as mature. Most of these programmes have been implemented top-down, and users are, all of the sudden, confronted with a new way of working. We commonly see a whole range of people-related side effects and collateral damage.
Session 5, May 28th 9AM : Modern Identity Management - Delivering at the speed of business. In depth & use cases of modern ID&AM, Maarten Wouters, Principal Solutions Architect, Forgerock
Being able to provide a great digital experience without compromising on security is essential in order to remain your customers trust. The users are expecting more and organisations need to adapt to this Contextual Authentication, Progressive Profiling and UserNameless Authentication are all functions that a modern identity platform should be able to support to ensure a future proof solution.
In this webinar we will go in depth on a few of these user journeys, and how you can make sure your identity strategy will be able to answer the challenges of tomorrow.
Session 4, May 14th 9AM : Governance of ID&AM in a cloud environment, by Kurt Berghs - Trustbuilder
Cloud is the new normal. There is no doubt about that every company in whatever industry or activity they are can afford not being connected always, everywhere, with the necessary scaleability and agility that services in the cloud bring along. The COVID19 crisis has forced employers and employees to adopt from one day to another. Applications, data and services needed to be available for homework, or to be supported from a distance. Getting access to those systems can be seamless, but in Identity and Access there are far more granular ways to organize this rather than having credentials for each and every application or service, without oversight on connectivity. In this perspective connecting applications, API's, ensuring the right access, beyond CASB and ensuring compliance and security should be considered.
About : Kurt Berghs joined Trustbuilder in 2018. He wants to contribute toward optimally positioning the company on the IAM market in Belgium, the Netherlands and Luxemburg especially also in the areas of finance, insurance and retail. Before joining Trustbuilder Corporation, Kurt Berghs held several positions at Onespan (Vasco Data Security), worldwide leader in strong user authentication solutions including sales, product & channel management. Kurt started his career in 1998 at Deloitte & Touche and holds a degree in IT & Law from the University of Antwerp (UA).
Session 3, May 7th 9AM : Consumer Identity federated - decentralized Authorisation Management, by Ward Duchamps, CEO ScaledAccess
Sharing access without sharing passwords? How to cope with users with different rights to information, and systems? How to delegate those over multiple environments, share them with suppliers, or have customers getting access with adapted layers. Ward provides insights why and how we have to deal with authorisation in the cloud and how to cope with it. He provides examples pf global companies taking these ideas in their road to digital transformation, supporting their customer journeys and facilitating the supply chain.
About : Ward co-founded Scaled Access. Before Ward was Director Deloitte's Security & Privacy Services and led its Belgian practice for several years. Ward masters a unique combination of academic insight, engineering pragmatism and management capabilities. He can turn his ideas into results by simplifying complexity, choosing the right methods and empowering people to collaborate. He dedicated more than a decade of his professional career to information security and assisted amongst others AXA, ABInBev, BNP Paribas Fortis, Certipost, Combell, De Lijn, Doccle, Eandis, Flemish Government, Johnson & Johnson, KBC, MasterCard, Mobistar, NATO, Partena, Sanoma, SPE/Luminus, Terremark, VDAB and VRT. Ward is graduated as MSc Information Security (2012 - Royal Holloway University of London) and MSc Engineering (1995 - KIHK Geel). He is certified as CISM, CISSP, CISA, CGEIT and ISO27001 Lead Auditor. He has been trained by CERT, SANS, RSA, ISS, BSI Group, Cisco, HP, Microsoft and many others. He obtained 'Secret' clearance from NATO and the Belgian National Security.
Session 2, April 30th, 9AM : The Rat Race to Modern IAM: How to survive, by Sven Pauwels, PwC IAM Lead
Abstract: The last 10 years IAM products have evolved at a high pace and the companies delivering these products have been trying to either keep up or stick out by presenting a variety of new features and possibilities. And it is true, what is on the market now can hardly be compared with what was on the market five years ago. With the messaging, marketing and demo's that go with the efforts to provide customers with new features and functions also comes a lot of confusion and doubt. How can we be sure we pick the right product for our new IAM project? Next to that, there is a reason why products evolved so rapidly. The IT landscapes, threats and opportunities we are confronted with make for new needs and new approaches. But do we need every little feature we are being offered? How can we decide in an efficient and effective way what product to choose without spending half the budget getting to that conclusion? During our work on IAM projects for the last decade (and more), we have seen all the possible pitfalls of making a wrong or unfounded decision and based on that experience, we have defined a new approach for describing IAM needs and evaluating the possibilities based on needs, risk, cost and priority. All in an effort to help our customers survive the Rat Race to Modern IAM.
Session 1 : April 23th, 9 - 10.00h Identity & Access Management in the 21st century and beyond
Digital transformation has been in focus for most organisations the last years and digital identity & access management (IAM) is a key enabler for this. In this webinar, Alex Laurie, SVP, Global Solution Architecture at ForgeRock will look at what’s required both by organisations as well as the IAM considerations to meet the demands of a 21st century users. We will look at the good, the bad and the ugly of real life user experiences and talk about how a good customer experience no longer is only based on the users identity alone, but also non-identity signals. What needs to be done to keep up with the expectations. How can we leverage Machine Learning (ML) to provide better experiences?
Other relevant information :
- Kantara Initiative : Identity Assurance Providers definition and certification program
- Kim Cameron's Laws of Identity : 7 principles to guide different ID&AM systems
- Open Source ID&AM Systems : OpenIAM, Keycloack
- Zero Knowledge Proof : what, why how, when …
- Accidental: loss of time and productivity
- Emotional: resentment and alienation from the company tech
- Passive-aggressive: workarounds, shadow IT
- Cloud ID&AM, how and where to integrate
- Multifactor management
- Applying ML for IAM
- IAM and privacy
- Advanced risk-based PAM
- Experiences with SUDO and other Open Source IAM technologies
- Relying on 5G security mechanics for Authentication, Access and Slicing and Dicing traffic