Speakers
Synopsis
Thanks to the continued evolution in the frequency and sophistication of cyber-attacks and our adversaries, the truism: it is not a matter of if, but when, your organisation will have an incident” has never been more relevant.
Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through lateral movement and poor security hygiene. Detecting and defending against these malicious activities should be the basis of all modern cybersecurity initiatives.
Leveraging real world examples, such as the Okta Support team breach of October 2023, as well as the common tactics of threat actors such as Mango Sandstorm and Midnight Blizzard we will also dive into the modern identity-related attack vectors challenging cyber teams across the worlds.
We will delve into the difficulties encountered by cybersecurity leaders in effectively managing security risks within intricate and ever-changing environments, with our focus squarely on identity security. This discussion will specifically address the challenges posed by Remote Work, Vendor Access, Elevation of Privilege, Vulnerability Awareness, and the Expansion of Hybrid and Multi-Cloud Infrastructures. This we will map to the above real-world examples.
Finally, we will explore key risk mitigation approaches and strategies to operationalize best practices to approaching risk mitigation, with a view of taking a different approach to Identity Security. We want attendees to seeing Identity Security defence as thinking in graphs instead of lists – just like the very attackers they are attempting to thwart.
Attendees will gain a comprehensive understanding of what identity security entails, how to limit the blast radius of identity-related breaches and the key factors to consider when securing pathways to privilege. The session will encourage attendees to reset their perspective of what identity security could mean for their organisation.
