Identiverse, the CyberRisk Alliance event for the identity security community is coming up soon. This year marks the 14th occurrence of the event, which is scheduled to take place from May 30 to June 2 in Las Vegas, Nevada. The event this year is packed with keynotes, panels, masterclasses and hands-on workshops. With such a rich agenda, it’s hard to decide which sessions to attend. To help, we’ve put together our list of top 10 recommended sessions. We chose them based on the innovation and forward-thinking state of mind they bring to the identity security discussion. We also chose sessions that identity professionals can learn from, including real use cases, best practices and career tips.
Here are the sessions you can’t miss this year:
1. 2023 Trends in Securing Digital Identities
Tuesday, May 30, 2:30 pm – 3:20 pm
84% of organizations reported an identity-related breach in 2022 and 78% of organizations experienced direct business impacts. Enterprises need to protect identities, but this is easier said than done. In this session, the speakers will share the results of the 4th annual Trends in Security Digital Identities report by the Identity Defined Security Alliance, which was conducted by Dimensional Research. Then, they will debate how organizations can secure their digital ecosystem, which investments should be made to reduce the risk of an identity-related attack and whether an executive-level communication plan for protecting identities can actually work.
2. Solving the Identity Skills Gap – What Skills are Needed and How Can We Grow New Talent
Tuesday, May 30, 2:30 pm – 3:20 pm
Identity and access management expertise is in high demand. However, there is little industry recognition for such skills. In this talk, the speakers will present data from the annual IDPro skills survey and discuss how the industry can grow new identity talent for current and future needs.
3. Zero Trust Architecture for B2C Identity at General Motors
Wednesday, May 31, 10:30 am – 10:55 am
GM prioritizes securing the digital experience of its customers. However, they also need to support a flexible UX. In this session, they will share their best practices for developing identity-based API services that focus on security and visibility, while aligning with a zero trust architecture. The talk will dive into core patterns of API security and provide recommendations for evangelizing this change across the enterprise.
4. Bah-da-bah-bah Bottleneck: Addressing Crew Onboarding Challenges at McDonald’s
Wednesday, May 31, 10:30 am – 10:55 am
McDonald’s relies on quick onboarding for new employees across 38,000 branches. However, in 2021, accounts were taking up to 24 hours to sync and crew members could not access key resources on their first day. To address this challenge, the McDonalds’ Global Identity & Access team redesigned sync processes and created a new data refresh system. In this talk, the speakers will share the team’s approach to solving performance issues and how they made sure their identity processes were designed to serve the direct needs of McDonald’s operators.
5. Stealing Identities and Privilege Escalation: The Real-World Story of a Ransomware Attack
Wednesday, May 31, 10:30 am – 10:55 am
This talk follows the footsteps of an ethical hacker as they responded to a real CryLock ransomware. Chief Security Scientist & Advisory CISO Joseph Carson will share the techniques used to launch an attack and what they uncovered from digital footprints left at the scene.
6. Understanding NIST Digital Identity Guidelines: A NIST SP 800-63-4 Master Class
Wednesday, May 31, 2 pm – 2:50 pm
Revision 4 of NIST Special Publication 800-63, Digital Identity Guidelines, was released in December 2022. In this talk, the presenters from NIST will share the changes in this new version. These changes cover the process and technical requirements for meeting digital identity management assurance levels for identity proofing, authentication and federation.
7. The State of OAuth
Wednesday, May 31, ֿ11:05 am – 11:30 am
What does OAuth 2.1 mean for developers? Okta’s senior security architect, who is also the co-author of OAuth 2.1, will share the latest developments. He will show how the new specs enable richer experiences and better security for applications and APIs using OAuth. In the end, he will cover the current status of this ongoing work.
8. Identity in the C-Suite? The Role of the Chief Identity Officer
Thursday, June 1, 9 am – 9:30 am
Should enterprises introduce a new role: the Chief Identity Offices? In this panel, the panelists will debate the pros and cons. They will contemplate the value of such a role, how it can be measured, responsibilities, boundaries, where it fits in, and more.
9. Distributed and Delegated Access Management
Thursday, June 1, 10:30 am – 11:20 am
Cloudification has changed the access management paradigm away from a centralized access management system towards a more distributed and delegated one. Attend this session to learn how to create a modern cloud-oriented distributed and delegated access management infrastructure. The presenters will be showing how to use OpenID Connect and OAuth 2.0 microservices.
10. Navigating Your Career Development as an Identity Professional
Friday, June 2, 9:05 am – 9:30 am
Have you thought about the next steps of your identity career? Most people haven’t. This talk will share thoughts on how professionals can become the best practitioners they can be while enjoying an engaging and challenging career. It will also include strategies for determining the best “next step” for your career journey.
Axiom will also be there! Look for us at booth 1141