Join us for four immersive days of discussion and learning with world leaders in the practices of Identity Management, Security, Privacy, Innovation and Architecture, and Data.
Overall Conference Schedule
Day 1 – Tuesday
Days 2, 3 – Wednesday, Thursday
Nov. 3, 4
Main Conference Presentations and Panels
Day 4 – Friday
Main Conference Details
Wednesday Nov. 3
Introduction, Conference Keynote. “The New Digital Normal”
Speaker: Gary Rowe, CEO and Principal Consulting Analyst, TechVision Research
This year’s conference will focus on how enterprises can best balance the opportunities and risks we are encountering as we live through the new digital normal.
The concept of the Digital Enterprise took on new meaning in early 2020 given the seismic impact of the pandemic on work, commerce, and life. Supply chains broke down, customers stayed home, enterprises shifted focus from growth to survival, living rooms became offices, and enterprise data that was safely tucked behind the firewall is now residing on thousands of endpoints spread across the country.
These shifts accelerated many digital transformation programs by years and continue to test our assumptions about our business models, architectures, and use of technology with a particular emphasis on enterprise speed and resilience. In response, the world of Identity and Security has dramatically shifted and is still evolving with a premium placed on risk management, governance, innovation, and user experience.
This session sets the stage for the rest of the conference and describes the takeaways organizations should garner from Chrysalis 2021.
New Building Blocks; A Cloud-First, DevOps and Microservices Foundation
Speaker: Patrick McClory, Principal Consulting Analyst, TechVision Research
This session describes what was already trending and further accelerated in the areas of “cloud-first”, DevOps and Microservices.
The ramifications of the moving to new, iterative, and dynamic development approaches permeate through all the topics we’ll be covering during the conference and this level set provides guidance as to what these trends are and how they impact large enterprises. This sets the stage for developing a digital services supply chain with containers and services that will be the foundation for our next generation set of digital services.
Pandemic Lessons Learned: It starts with Governance Best Practices
Speakers: Doug Simmons, Principal Consulting Analyst, TechVision Research, author of TechVision’s Governance Report, Fred Cohen, Principal Consulting Analyst, TechVision Research
This session will start with TechVision’s guidance as to how governance needs to consistently reflect policy and orchestrated across Identity, Security and Data management.
Identity Governance and Administration (IGA) Level Set and Vendor Strategies
Speakers: TechVision Principal Consulting Analyst, Lori Robinson, VP Strategy, SailPoint, Nick Nikols, VP Identity, Micro Focus, Jackson Shaw, Chief Product Officer, Clear Skye, Paul Mezerra, VP Strategy, Saviynt, pending (IBM, Cloudentity)
This panel session will start with a quick IGA level-set, its growing importance, expected future state and key enterprise requirements.
IGA is all about how we provision and govern access and how we define policies and ensure execution. We’ll then get a fresh perspective on the strategies and future state from key IGA providers.
Executing on the Future of Identity Management; New Capabilities to Support and Secure the Digital Enterprise
Speakers: TechVision Principal Consulting Analysts Doug Simmons, Gary Rowe
The pandemic has accelerated the new Digital Enterprise including developing a future state strategy that supports new objects (customers, partners, services, “things”), increased scale, increased integration, more flexibility, and the movement of resources to the cloud.
In response, IAM needs to move from a static, structured environment to one that is more dynamic, inclusive, and flexible as this will be critical in support of the Digital Enterprise. A strong identity ecosystem provides the foundation for much of the innovation discussed earlier and supports enterprises as they evolve digitally.
In this session, the TechVision team discusses our vision for the Future of Identity Management and how enterprises can best plan and execute their path to the future. We’ll also set the stage for the Identity portion of the conference. TechVision will introduce our Reference Architecture for IAM as a platform for enterprises to identify, secure and improve the user experience associated with our new Digital Enterprise.
IAM Case Studies from Sempra Energy and Blue Shield of California
Speakers: Jenna Morton, Head of Identity Program, Sempra Energy, Miquel Furtado, Senior Manager Identity at Blue Shield of CA
Our case studies describe major programs to build new IAM foundations for enterprise and customer use cases;
these real-world examples provide insights and lessons learned from the leaders of these efforts. We’ll first hear from Sempra Energy as they evolved their overarching IAM reference architecture, and now are deploying and iterating on their new enterprise IAM services. The second case study will feature Blue Cross Blue Shield’s Identity and Access Management program goals, lessons learned and going forward strategy.
Customer IAM; Securing and Understanding Our Customers
Speakers: TechVision Research Principal Consulting Analyst, Inviting ForgeRock, Microsoft, Okta, Akamai, and SAP
A CIAM program - properly executed, is a conduit towards building lifetime digital customer relationships.
Establishing trusted connections and building relationships that generate useful data and can be served by better customer knowledge are keys to digital business success – as was so apparent during the past 18 months. This session will provide a brief level set from TechVision and then have key vendors describe their approaches, value proposition and future state plans.
The Disruptor: Decentralized (Blockchain/Self-Sovereign) Identity Systems and Verifiable Credentials
Speakers: Gary Rowe (Moderator), TechVision Research, Phil Windley, Former Chair of the Sovrin Foundation and Architect, CIOs office at Brigham Young University, Kim Cameron, pending (Microsoft, IBM, Evernym, Ping, 1Kosmos)
Traditional identity systems are mostly geared toward authentication and access management for known entities.
A decentralized identity system adds a focus on authenticity and how a community can establish trust across the boundaries of any ecosystem. In a decentralized identity future, credentials can be shared between parties with authenticity, security, and privacy guaranteed; or at least, that’s the promise.
This panel session will describe this new approach, assess industry and vendor offerings, and describe implemented case studies currently solving real-world problems. We’ll look to provide insights to help enterprises better understand what this new environment is, how it benefits the enterprise and how it is evolving.
Building the next generation IAM foundation via standards and integration
Speakers: David Goodman, TechVision Research and former Exec Director, Open Identity Exchange, Wade Ellery, Director, Solutions Architects, Radiant Logic, Gerry Gebel, Head of Standards, Strata Identity
For many enterprises, the IAM architecture so established and critical to success that there’s a strong hesitancy on the part of anyone to change what’s working.
But changes are required to make it work in the digital enterprise, and those changes don’t replace your architecture, they become a part of your architecture. These new parts of your architecture must work with the older parts to keep digital operations running smoothly and safely. This is where the right standards and the right integration tools can provide the flexibility and inclusiveness required to support the modern digital enterprise.
This panel session describes the key standards, architectural elements, governance models and integration tools and approaches needed to extend/integrate existing services while transitioning the foundation for the future.
Identity Legends Panel
Speakers: Ian Glazer, Lori Robinson, Doug Simmons, Kim Cameron, Eve Maler, others pending
This session will close out Day 1 with a discussion about the past, present, and future of Identity Management by the “legends” of Identity Management.
These leaders will discuss, debate, address your questions and provide advice to our attendees. They will also reflect on what has been discussed during the day. The focus will be on how large organizations architect and develop strategies in the Identity Management area that support the Digital Enterprise. This will include pragmatic advice for the enterprise and the overall industry as to how we might approach lingering challenges and how we might prepare for the expected future. This session will leverage the expertise of both the legends and the audience to better frame the problems and potential solutions for enterprises and the industry. If these problems were easy to solve, we wouldn’t be debating some of the same issues we were discussing 30 years ago.
The “legends” are some of the top analysts, thought leaders, consultants, visionaries, and experienced practitioners in this area and will be given an extended session to share their wisdom.
Thursday Nov. 4
Recap of Day 1, Day 2 Agenda, Theme and Keynote Level-Set
Speakers: TechVision Principal Consulting Analysts, Gary Rowe, Diana Kelley
The Day 2 is all about transforming the security capabilities to adapt to the needs of digital enterprise by maintaining the appropriate risk level while supporting new business requirements.
These transformed security capabilities need to be cloud-friendly, flexible, user-friendly and provide necessary protection against not only the “bad guys” but provide protection from the emerging privacy and data protection regulations. Diana Kelley will provide her thought-provoking perspective on the Technology, Security and Risk to kick off the day.
Security Legends Panel
Speakers: Fred Cohen, Dan Blum, Nick Nikols, Steve Roberts, Diana Kelley
This session will take the “legends” in the Industry and have them set the tone for the agenda on Day 2.
These leaders will discuss, debate, take questions and provide advice to our attendees. They will also reflect on what has been discussed during the conference that pertains to security and risk management and what they feel should be discussed for the duration of the conference. The focus will be on how large organizations architect and develop strategies that support a “safe” Digital Enterprise and how this has been accelerated and modulated during the past few COVID-19 influenced years.
This session will leverage the expertise of legends and the audience to better frame the problems and potential solutions for enterprises and the industry and help set the tone for the conference on Day 2. These “legends” represent some of the top analysts, thought leaders, consultants, visionaries, and practitioners that have unparalleled knowledge and experience in this area. This panel includes:
- Dan Blum; one of the world’s foremost analysts, consultants and thought leaders in the security and identity management areas. Dan’s the author of the TechVision Security Reference Architecture, author of an acclaimed recent book called “Rational Cybersecurity for Business and former Gartner Research Vice President.
- Steve Roberts the Chief Information Security Officer at Honda North America with previous technology leadership roles in the security, identity, privacy, digital transformation, CIO leading/supporting to his current CISO role.
- Fred Cohen; he is widely considered to be one of the leading security/risk experts in the world. He is best known as defining the term “computer virus” in the early 80s and the inventor of the most widely used computer virus defense techniques. Fred also started the security practice at Burton Group along with Dan Blum and has built/guided cybersecurity programs and defined security best practices for the past 30 years.
- Nick Nikols; former Burton, Gartner and TechVision Analyst who has designed security services, led product teams and served as a top analyst and consultant in this space over the past 30 years. Nick is currently the Vice President of Identity Services at Microfocus.
- Diana Kelley: Cybersecurity leader over many decades at Burton Group, Gartner, IBM, Microsoft (most recently Field Cybersecurity CTO) and one of the most sought after public figures in cybersecurity.
The New Security Foundation; Start with Zero Trust
Speakers: Sorell Slaymaker, Principal Consulting Analyst, TechVision Research, leading Zero Trust vendors/industry experts being invited
The speed by which change occurs in enterprises today, the sheer volume of data, the relationships to be managed, the new development models such as DevOps and the diversity of the platforms that need to be appropriately secured require a new way to think about security.
This session will describe this approach and provide food for thought for CIOs, CISOs, architects and LOB leaders as they plan to secure and mitigate risk in this new world.
A key premise is that organizational silos and traditional security architectures cannot support the business effectively as enterprises adopt mobile and cloud-native platforms. To protect business assets in these environments, organizations must establish new methods, capabilities, and instrumentation. Security controls must be both agile and scalable (much like the identity services we discussed on Day 1), providing new capabilities that match this new environment. These new concepts and approaches will be described in this session.
Modeling Next Generation Security: The Multi-Cloud Security Reference Architecture
Speaker: Dan Blum, Principal Consulting Analyst, TechVision Research
Dan describes the TechVision Security Reference Architecture he developed
as a model for describing a holistic set of key security capabilities to
- help enterprises gain control of and better define their security program,
- future state goals and
- to be used as a foundation for putting enterprises in the “driver’s seat” when evaluating vendor offerings.
Future State Security Starts with Resiliency
Speaker: Nick Nikols, Vice President, MicroFocus
Resiliency is an essential element of an overall cyber defense strategy.
While traditional strategies have focused on keeping out cyber adversaries, more effective newer strategies—combined with a resiliency focus—ensure that critical capabilities continue despite successful attacks. The persistence of advanced cyber threats generally means that if an organization is targeted, eventually it will be compromised. Consequently, organizations must be able to “weather the storm” of cyber-attacks and continue to provide critical functions. To minimize the impact on an organization’s critical missions, business goals, and operations, resiliency must be built in, utilizing many techniques working in concert – implementing both protective and detective controls and establishing a process of continuous improvement where these controls can evolve and aid the organization to be able to intelligently adapt to the changing threat and business landscape.
Pay Particular Attention to Privileged Users—Developing Your Privileged Access Management (PAM) Program and Strategy
Speakers: Doug Simmons, Principal Consulting Analyst, TechVision Research, pending (CyberArk, BeyondTrust, Microsoft, and Saviynt)
Many if not most breaches start with compromised credentials.
This session will describe an approach to developing a “least privileged” security model and leveraging increasingly sophisticated PAM products and services. PAM is a specialized category of access management that provides increased protection for administrative accounts that are the most highly coveted by bad actors and can generally do the most damage. We’ll also get insights into the directions and investments being made by key vendors in this space and include guidance for enterprise security leaders.
Innovation Delivery and Execution Model for Next Generation Security/Risk
Speakers: Gary Zimmerman, Principal Consulting Analyst, TechVision Research, author of TechVision’s Innovation Reference Architecture, Wil Koenig, Atos, Former TechVision Research Principal Consulting Analyst
In the digital enterprise, innovation isn’t a one-time program; it is a continuous process that becomes a source of competitive advantage in a rapidly changing market.
As mentioned throughout the event, enterprises are focused on speed and resiliency as they change to meet the new normal; and executing on continuous innovation is critical to success. That‘s why companies are adopting new architectures, platforms and development techniques to deliver value to their customers. “As a service”, microservices, API exposure, and workflow automation are transforming how digital services are being developed and delivered as part of a growing API first strategy.
Today’s digital enterprises are deploying API Gateways to create that API-first experience through integrating their own applications regardless of where they are running with a growing network of third-party, API-driven services that provide key functions such as payments, communications, shipping, identity verification, background checking, monitoring, alerting, and analytics.
TechVision will build upon the Innovation Reference Architecture debuted at our last event by describing the ways to execute their innovation efforts using continuous, sustainable processes, and provide lessons learned from implementing major transformation of development methods within a major outsourcer.
Upgrading Authentication Models; MFA, Password-less and more
Speakers: Doug Simmons, Principal Consulting Analyst, TechVision Research, pending (1 Kosmos, Cisco, Microsoft, Okta)
We have anticipated the demise of password-centric authentication for decades.
Our position is that this future is now or at least rapidly approaching. For the reasons we have been discussing – device and network ubiquity, reliability, Bring Your Own Device (BYOD) initiatives coupled with the accelerating levels of fraud associated with password-based authentication, the time has arrived to explore new patterns of authentication given the increased risk profile for your enterprise.
MFA is becoming the standard, while password-less authentication, biometrics and other advances in authentication are being explored in support of the digital enterprise. This session will include a TechVision “level set” on these new patterns and perspectives from selected vendors as to how this landscape will and should change.
Collaboration Platform Security
Speakers: Sorell Slaymaker, Principal Consulting Analyst, TechVision Research, pending (Microsoft, Cisco, Zoom and Google)
Another area exposed during the pandemic lockdown is the importance of collaboration platforms and a major area of exposure has been security.
This session will look at the state of security on these platforms, future state requirements and then have key platform vendors address their strategies and vision in this area.
Pragmatic Security and the Evolving Role of AI/ML/Analytics
Speakers: Jeff Nichols, Principal Consulting Analyst, TechVision Research, Diana Kelley TechVision Research, pending (ForgeRock, Microsoft, and Okta)
The pace of change in development and production environment in the digital enterprise quickly becomes harder and harder to manage.
Monitoring user behavior, service deployment and failure, error detection, and data access at real-time scale requires a different strategy than a traditional IT environment. It also creates challenges with respect to privacy.
In this session we will discuss the trends in using Analytics (AI, ML) to manage application delivery, quality, security, and performance in a dynamic DevSecOps / cloud native environment.
Registration Is Now Open!
Don't miss this exclusive opportunity to personally interact with some of the best and brightest in Identity and Security.