Programme

Registration 08:30 hrs

Registration possibility participants

Opening 09:15 hrs

Opening Programme by Moderator

Keynote 09 :30 hrs

“Towards Fine grained Digital Identities”

Digital identity is the core and fundament for all digital transactions. Indeed, without it, it is impossible to control access to data and services correctly. Next to that, it is evident that the requirements/rules regarding secure digital access are changing along with the context/process, and along with the use case in which one finds itself. User contexts and privacy requirements are dynamic: access requests vary from healthcare records, to bank account data and very high to low value financial transactions. As a result, the processes by which (trans)actions need to be approved become significantly more complex – the old IAM-models (such as role based access control) are getting to their limits. Using Attribute Based Access Control and “fine-grained identity” are strategies to answer to above-mentioned challenges. At the same time you will understand they have the advantage of allowing business/compliance truly to express the rules they want to be applied during the process of granting access. This presentation will discuss the challenges mentioned and provide you insights into how you could move from your current IAM towards the world of fine-grained digital identities and ABAC.

Keynote 09:55 hrs

Extend you enterprise IAM strategy to where the money is being made

As Identity Management is becoming mainstream, the audience around IAM requirements is changing from just employees to B2B and CIAM. While organisations are taking advantage of digital transformation, it is no longer just a way to keep the lights on in your business, it is becoming a money maker. In this session Frank Benus, Solution Engineer from Okta, will discuss how extending your IAM strategy towards your core business will help you deliver secure and seamless experiences while opening new opportunities to differentiate your products and services. In a dynamic session, he will briefly explain the concept of Oauth2.0 and Open ID Connect, and demonstrate how this can help you deliver value to customers and business partners.

After the session, you will gain better understanding on how IAM can drive business opportunities both in the B2B as well as in the B2C space. And how you can maximize your investment in portals and apps and deliver products and services even quicker and more secure to your customers and partners.

Interactive session 10:20 hrs

Opinion poll

Interactive session in which several IAM topics will be discussed with anonymous voting.

Morning break 10:45 hrs

Morning break with one-to-one meetings

Break-out session A1 11:25 hrs

Authenticate without a password? Yes we scan!

Did you also notice that we use more online services than 20 years ago? To establish our identity to these online services we still often use passwords or PIN codes at some point. Which works just fine - especially for criminals. But what if we have to authenticate ourselves to ‘things’ like smart TV’s or entrance doors that do not have a keyboard to enter our beloved passwords? Come join this session, and you will learn about how to authenticate yourself by simply pulling out your smartphone and scanning a QR code. Learn about the principles and witness a live demo of  passwordless authentication using IBM's Security Access Manager solution.

Break-out session B1 11:25 hrs

How to integrate a CIAM solution and which challenges can be expected?

Organisations want to deliver the best services to their customers. The challenge is to give the right access to the right service at the right time and facilitating self-service capabilities to customers. This was the goal of Securex, providing social services to organisations.

Expect insight in a successful project approach for implementing a CIAM solution and listen to our guest speaker from Securex about the faced challenges and how they have been tackling them together with Traxion as their IAM partner.

Exclusive Break-out session C1 11:25 hrs

Self Sovereign Identity and Blockchain

A self-sovereign identity via blockchain hands citizens the full control of their own data and identity and let them be in charge to use and re-use the claims and identity objects in many different contexts. This citizen-centric identity approach has gained a lot of international attention and interest and many different projects and initiatives try to experiment with or even implement these advantages for the citizen. A question that remains to be solved is what the role of the traditional central authority providers, like governments or financial institutions, is in this new concept.

In this roundtable we would like to debate the “blockchain on the move project” where the federal, regional and local governments in Belgium want to facilitate and use this self-sovereign identity on blockchain and debate how central authority providers can, should or shouldn't redefine their role.

Break-out session A2 11:55 hrs

IAM all over again with RPA

Robotics Process Automation (RPA) has emerged as an enabler for automating human user processes across an organization’s environment. 

RPA software interacts directly with the business application layer and mimics human behavior, credentials and entitlements. At the end of the day, RPA will use user and service accounts, with the immediate consequence that all the processes set up over years for managing and securing these accounts must be reconsidered: account lifecycle management, user/password authentication, strong authentication, Privileged Access Management (PAM), governance of access rights, recertification and so forth …

Break-out session B2 11:55 hrs

How Policy Based CIAM can improve the Customer Journey

In an ever changing and rapidly evolving world the fight about the customer is getting tougher. Companies that can offer a customer centric approach have the advantage. 
During this presentation you’ll get some industry-based examples of how policy-based Customer Identity and Access Management can help with these new challenges.
For different markets such as finance, insurance, HR and retail, a secure CIAM provides better and more flexible services to consumers. 

Keynote 12:25 hrs

Ensuring correct control of accesses in the API economy

NxtPort is a data sharing and process orchestration platform in support of parties active in maritime ports (eg the port of Antwerp). The guiding principle that NxtPort follows is that the data owner (eg a party shipping containers), who is not necessarily the data provider, stays in control of with whom and in which context their data is shared. This is easier said than done in the API economy with a wide variety of actors, a wide variety of technologies used and where networks are connected to other networks, while each party takes their own unique perspective on data ownership.

Lunchbreak 12:50 hrs

Lunchbreak with one-to-one meetings

Keynote 14:00 hrs

Overall governance and compliance within Belfius

Belfius, like many other organisations, wants to have complete visibility and protection of their data. To achieve this, they have first implemented automation, governance and compliance for access to their business applications and databases. However, critical data which is at its origin well protected and controlled, gets into presentations, spreadsheets, documents, etc and is saved on fileshares, Sharepoint, or cloud storage. Belfius is now implementing integration between their governance tools for applications, structured and unstructured data. In this session you will learn how they are achieving complete visibility and protection, while reducing IT involvement and compliance issues.

 

Break-out session A3 14:30 hrs

How API-Management can help you comply with GDPR?

Demo using Smart Device, IAM and API Management.

The Presentation will show how API Management governs IoT projects taking into account:

  • Threat protection (owasp 10)
  • Identity and Access Management
  • GDPR

The demo will show a use case in the health care industry.

Exclusive Round table B3 (Invitation only) 14:30 hrs

How to establish and maintain digital identity trust

Security and digital transformation leaders continue to grapple with the rapid evolution of how consumers' digital identities must be safeguarded and shared across channels. Customers, however, have zero patience for extra steps to open an account or complete a transaction. They expect their digital identity to be protected.

How can organizations establish digital trust with customers while maintaining the balance between secure authentication and a frictionless customer experience?

How can organizations maintain compelling and secure customer experiences and compete with startups that are not beholden to traditional channels and methods of authentication?

If you’re looking for new perspectives on these questions, then please join us for this exclusive executive roundtable.

Break-out session

European eIDAS regulation for your business

During this presentation, ENISA will quickly introduce eIDAS and put it briefly into perspective against other new EU regulations such as GDPR, PSD2, etc. 
This presentation will mainly focus on the business value and new opportunities of eIDAS, which are enabled by a broader usage of eID, e-signature, e-timestamp, e-seals etc.   

Break-out session A4 15:00 hrs

A digital society needs a digital identity

Our world is becoming more digital and more mobile every day. The sensitivity of information being exchanged online grows rapidly and data privacy is a real concern to many people. How are we facing new challenges to keep pace with today's digital transformation? Getting rid of all paper flows, taking KYC-process to the next level, improve customers’ experience, introduce a safer way to login and confirm transactions, be compliant with EU regulations and PSD2.  Creating a digital ID is one of the solution but it requires more than just technology.

Break-out session C4 15:00 hrs

Customer Identity en Strong Authentication for SME’s

How can you verify the digital identity of your customers and make the onboarding process seamless? How to integrate existing digital identities in a frictionless manner in your processes? Hear interesting case studies on how onboarding of private individuals and business customers has been enhanced within financial services and other industries.

Afternoon break 15:25 hrs

Afternoon break with one-to-one meetings

Break-out session A5 16:05 hrs

Key Requirements for successful eIDAS eSignature Solutions

The presentation highlights and explores the most important business requirements that an organisation needs to consider when defining their needs for an effective document workflow and digital signature solution. eIDAS (Electronic identification, authentication and trust services) is an EU regulation passed in 2014 and with various requirements coming into force in 2016 and 2018.In this area of business and technology the one constant is change and without the information in this presentation they risk finding their investment fails to deliver enough flexibility to protect their future. The requirements include data security, user authentication options, relevant standards, the importance of long-term signatures, deployment and branding considerations, the need for workflow and signature flexibility including advanced and qualified remote signing and of course the user experience.

Break-out session B5 16:05 hrs

GDPR and the protection of customer eIdentity-data

Three main functions are primarily involved in implementing and maintaining GDPR compliance in the context of managing customer data : Process owners, compliance project managers and Data Protection officers. 
A research conducted by a core team from Solvay Brussels School and legal experts from the Belgian Data Protection Authority resulted in a body of knowledge structured into five domains and more than sixteen sub-domains. Most are necessary to all three primary functions. They are also necessary for most involved parties in a secondary level: Legal experts, CISO, CISO, Risk managers, Auditors, etc. 

George shall present those domains and build on his experience while leading that research and when developing the Program in European Data Protection (solvay.edu/gdpr). 

Keynote 16:35 hrs

Build Trust: Identity, Consent and the Data Model

How does your organisation balance the demands of digital transformation with data security and privacy? The modern customer journey is a complex web of interactions – cross-channel, cross-device, at any time, in any place. So how can you seize the opportunity to redesign the journey, to make it more personal, contextual and to put your customer at the centre?  

In this session, Nick will highlight the opportunity for organisations to build trust by:

  • managing personal data at massive scale
  • delivering insights from analytics
  • introducing more devices, sensors and the connected world of IoT
  • complying with new privacy laws and consumer rights
Keynote 17:00 hrs

Digital Identity & Blockchain @Scale

When thinking about digital identity and blockchain, people automatically start thinking about physical persons and things like self-sovereign identities… However the digital identity-topic is much larger than that: What about the digital identity (and life-cycle) of a legal entity? What about the life-cycle of “assets” like real-estate, etc?  How to ensure related info can be made available in a trust-worthy and non-repudiable way? How to ensure authorized parties can get “consented access”?  Can shared ledgers play a role here or not. During this presentation we will dive into use cases like the  exchange of diplom-info across the EU, trusted publication of and consented access to enterprise info, ….   If time allows we will also dive into accelerating processes thanks to shared ledgers by automating subsidy-handling and eg introducing nature-coins….

Closing programme 17:25 hrs

Short wrap up from moderator

Networking reception 17:35 hrs

Networking reception at the the network area