properly aligning business goals with technology and innovation…and the technology is changing and disrupting at an unprecedented pace. Expectations and consequences can make or break businesses swiftly and decisively. Technology advances and innovations from the movement to the cloud, AI, Blockchain, IoT, DevOps and unprecedented attacks on our increasingly connected ecosystems require new ways of thinking about business and being prepared to act decisively with the right, secure and available technology infrastructure.  The keynote presentation and the focus of this conference will describe how enterprises can best take advantage of and be prepared for the tremendous opportunities while managing risk.

transformation to this new state is the chrysalis, the metamorphosis from the traditional enterprise into a Digital Enterprise. But the transformation part needs to be ongoing and the foundation needs to support rapid shifts in strategy, technology/market disruption, and change…and to do it securely.

Digital Transformation is one of the most hyped topics and we will look to provide our definition using our Digital Enterprise reference architecture as a framework for the topic and as a roadmap for this conference. We’ll define key considerations for preparing for and maintaining a secure, successful digital enterprise.

becomes a source of competitive advantage in a rapidly changing market. The ability for an enterprise to innovate is, perhaps, the most important factor in the long-term success or failure of an organization and we believe enterprises should treat innovation like they do other core business functions.

TechVision will describe an approach to systematize innovation using reference architecture to help enterprises organize their innovation efforts into continuous, sustainable processes, and provide lessons learned from implementing innovation centers of excellence in large enterprises.

microservices are enabling the transformation of IT from a back-office cost center into a data-rich, connected and responsive source of competitive advantage.

TechVision will describe current and future state technology, core principles, and design patterns that help an enterprise achieve responsive and scalable business function delivery.  We’ll also share a reference architecture to help enterprises envision the elements of and path towards a DevOps approach. We will also highlight the tactical, strategic, and cultural impacts that these changes imply.

transaction, even digital exhaust provides relevant insight as well as risk. As such, data and analytics will become the centerpiece of enterprise business/IT strategy, focus and investment. But how can you make such decisions if you are unsure of the veracity, validity, and volatility of the data?

We’ll describe a systematic approach to understanding business data needs and mapping data to the appropriate sources. Business data is the foundation for virtually every topic we’re covering in this conference and is core to how modern businesses operate. It is also an area that is often overlooked and inadequately invested in as organizations often drop data in a date lake and expect AI/ML to clean up this mess. We’ll also examine how data both supports and can challenge enterprise security, privacy and governance.

from a static, structured environment to one that is more dynamic, inclusive and flexible as this will be critical in support of the Digital Enterprise.  A strong identity ecosystem provides the foundation for much of the innovation we talked about earlier and will support how enterprises will evolve digitally.

In this session, the TechVision team discusses adapting existing enterprise IAM foundations to better support the digital enterprise, including developing a future state strategy that supports new objects (customers, partners, services, “things”), increased scale, and the movement of resources to the cloud. We’ll also set the stage for the rest of this section of the conference.

session will provide a real-world example architecting and building a new and improved enterprise IAM foundation. We’ll first hear from Sempra Energy as they have, over the past several years evaluated their enterprise IAM infrastructure, collected requirements, built out their overarching IAM reference architecture, conducted an RFP and now are deploying and iterating on their new enterprise IAM services.

experience has become a competitive differentiator in the world of digital enterprises. Today’s increasingly sophisticated consumers now view digital interactions as the primary mechanism for engaging with brands and, consequently, expect deeper online relationships delivered simply and seamlessly. Further, the customers expect some control around how firms collect, store, manage, and share their profile data—and regulatory controls are demanding it.

This panel session will start with key differences between Customer IAM and traditional enterprise identity management. We’ll then discuss different approaches to delivering the digital experience customers expect, how CIAM services support these goals and how this impacts enterprise business. We’ll also get a perspective on trends, customer requirements and development priorities from some of the leading suppliers of CIAM products and services.

management for known entities. A decentralized identity system adds a focus on authenticity and how a community can establish trust across the boundaries of any ecosystem. In a decentralized identity future, credentials can be shared between parties with authenticity, security, and privacy guaranteed; or at least, that’s the promise.

This panel session will describe this new approach, assess industry and vendor offerings and address the prerequisites and timing of this nascent approach. We’ll also contrast this model to one in which individuals “rent” IDs for every site they may conduct business with. We’ll look to provide insights to help enterprises better understand what this new environment is, how it benefits the enterprise and when it will be ready for “prime time”.

hesitancy on the part of anyone to change what’s working. But changes are required to make it work in the digital enterprise. Changes need to be made in ways that ensure a smooth and safe transition. This is where adhering to standards and having the right integration tools can provide the flexibility and inclusiveness required to support the modern digital enterprise.

This panel session describes the key standards, architectural elements, governance models and integration tools and approaches needed to extend/integrate existing services while transitioning the foundation for the future.

Identity Management by five of the “legends” in the Identity Management and related areas. These leaders will discuss, debate, address your questions and provide advice to our attendees. They will also reflect on what has been discussed during the course of the day. The focus will be on how large organizations architect and develop strategies in the Identity Management area that support the Digital Enterprise. This will include pragmatic advice for the enterprise and the overall industry as to how we might approach lingering challenges and how we might prepare for the expected future. This session will leverage the expertise of legends and the audience to better frame the problems and potential solutions for enterprises and the industry. If these problems were easy to solve, we wouldn’t be debating some of the same issues we were discussing 30 years ago.

enterprises and the proactive approach Emory has taken to address these challenges. A core challenge is supporting an open, multi-cloud world while developing consistent cloud-platform independent security models. The difficulty in achieving this capability within a reasonable budget led to the development of core cloud security controls within Emory, but this wasn’t sufficient for their multi-cloud needs. This led to the formation of RhedCloud, an open source effort that includes participation by the “big 3 cloud vendors” to develop multi-cloud security controls in support of the needs of Research, Health Care and Higher Education.  This is a model, TechVision sees as a viable path forward as enterprises both extend their digital reach and take advantage of multiple cloud-based services.

relationships to be managed, the new development models such as DevOps and the diversity of the platforms that need to be appropriately secured require a new way to think about security. This session will describe this approach and provide food for thought for CIOs, CISOs, architects and LOB leaders as they plan to secure and mitigate risk in this new world.

A key premise is that organizational silos and traditional security architectures cannot support the business effectively as enterprises adopt cloud-native platforms. To protect business assets in these environments, organizations must establish new methods, capabilities, and instrumentation. Security controls must be both agile and scalable (much like the identity services we discussed on Day 1), providing new capabilities that match this new environment. These new concepts and approaches will be described in this session.

recommendations for large organizations; we’ll look at ZT from a philosophy level, a strategy/architecture approach and as implemented within silos (like Zero Trust Networking). This session will define this heavily hyped but critical security topic and provide pragmatic enterprise advice. We’ll follow the level set presentation with a panel discussion with several vendors that are building products and delivering services in this space.

significant security risks. This session will focus on API security, key vulnerabilities and developing enterprise strategies and programs to address these risks. We’ll also get insights about the approaches, strategies and expected future state from a few key vendors in this space.

an approach to developing a “least privileged” security model and leveraging increasingly sophisticated PAM products and services. PAM is a specialized category of access management that provides increased protection for administrative accounts that are the most highly coveted by bad actors and can generally do the most damage. We’ll also get insights into the directions and investments being made by key vendors in this space and include guidance for enterprise security leaders.

seek the utopia of fine-grained authorization; the ability to use attributes, granular role-based data or information collected in real-time to make informed authorization decisions.  This, of course, gets more difficult as we add the complexity and real-time access decision requirements associated with the digital enterprise. We’ll look at why this has been the case and what vendors, enterprises and the industry can do to move this in the right direction. This is necessary to achieve the right access to the right resources for the right people at scale.

position is that this future is now or at least rapidly approaching. For the reasons we have been discussing – device and network ubiquity, reliability, Bring Your Own Device (BYOD) initiatives coupled with the accelerating levels of fraud associated with password-based authentication, the time has arrived to deploy MFA or other means of dynamically authenticating given the risk profile within your enterprise.

MFA is becoming the standard, while password-less authentication, biometrics and other advances in authentication are being explored in support of the digital enterprise. This session will include a TechVision “level set” and perspectives from selected vendors as to how this landscape will and should change.

operations under a “single automated umbrella” — has helped with everything from more frequent feature releases to increased application stability. However, many security and compliance monitoring tools have not kept up with this pace of change, as they simply weren’t built to test code at the speed DevOps requires. This has only solidified the view that security is the biggest block to rapid application development and — more generally — IT innovation. DevSecOps is a natural and necessary response to the bottleneck effect of older security models on the modern continuous delivery pipeline.

quickly becomes harder and harder to manage. Monitoring user behavior, service deployment and failure, error detection, and data access at real-time scale requires a different strategy than a traditional IT environment. It also creates challenges with respect to privacy.

In this session we will discuss the trends in using Analytics (AI, ML) to manage application delivery, quality, security, and performance in a dynamic DevSecOps / cloud native environment.

all connections, we also need to consider the escalating global privacy landscape. Regulations such as the European General Data Protection Regulations (GDPR) and the California Consumer Privacy Act (CCPA) add regulatory clout to given individuals greater control of their data and provide escalating penalties for those that violate these regulations. This session will provide an update on the evolving responsibilities enterprises face.

Security and risk by three of the “legends” of the Security space. These leaders will discuss, debate, take questions and provide advice to our attendees. They will also reflect on what has been discussed during the course of the conference that pertains to security and risk management. The focus will, in particular, be on how large organizations architect and develop strategies that support a “safe” Digital Enterprise.

This session will leverage the expertise of legends and the audience to better frame the problems and potential solutions for enterprises and the industry.

These “legends” represent some of the top analysts, thought leaders, consultants, visionaries and practitioners that have unparalleled knowledge and experience in this area.  This panel includes Dr. Fred Cohen; he is widely considered to be one of the leading security/risk experts in the world. He is best known as defining the term “computer virus” in the early 80s and the inventor of the most widely used computer virus defense techniques. Fred also started the security practice at Burton Group. The panel also features Dan Blum, one of the world’s foremost analysts, consultants and thought leaders in the security and identity management areas. The panel also features Nick Nikols who has designed security services, led product teams and served as a top analyst and consultant in this space over the past 30 years. And last but not least, it includes Kurt Lieber the Chief Information Security Officer from Aetna, with prior senior security leadership positions at Target, Kaiser Permanente and Goldman Sachs.