EIC2024 – This year, Berlin was the place to be for The Kuppingercole European Identity and Cloud Conference (EIC) 2024. The event attracted over 1,000 cybersecurity professionals to discuss the latest trends in identity and access management (IAM).
And of course, we were there as well! Robin Gorris and Wouter Decruy represented IS4U during this interesting event. A few days later, Robin reflected on the eventful days and shared his takeaways from this year’s edition. let’s dive in…
EIC2024 takeaway #1
The AI revolution in IAM
AI has been the talk of the town for almost 2 years, and that was no different during #EIC2024. IAMones, an Italian IAM company, explained how AI is automating security policies, like enforcing Multi-Factor Authentication (MFA) every three days and adopting a least privilege approach. How their platform used Graph Data, Large Language Models (LLMs), and Temporal Graph Networks (TGNs) to transform IAM was an eye opener and very inspiring to witness.
As we look at the Gartner Hype Cycle we could say AI is at the peak of inflated expectations. There are a lot of practical applications arising but it’s time to take a breather and look at the long term implications.
Within the world of IAM we have to stand still and think about how we would like to embrace AI. All these AI tools are identities on their own and should be treated as such which raises other interesting questions about control and security.
And as always, we’re looking forward to what the future has in store, as there is much more to come!
EIC2024 takeaway #2
The rise of decentralized identity
Decentralized identity and digital wallets particularly were a hot topic. These wallets can store IDs, driver’s licenses, diploma’s, certificates and much more. (Think about the recently launched “MyGov app” as an example, allowing the Belgian citizen to choose what they share with who, enhancing both convenience and security.)
The goal is that these digital wallets make credential sharing seamless across the European Union, which results in a more secure Europe but also makes activities like traveling and commerce much easier and convenient.
A standout case was the NHS (National Health Service in the UK) using digital wallets to verify doctors’ credentials when moving between hospitals. No more tedious forms to fill in, no more mistakes and always correct information. Similarly, The Lindner Group, a large German construction firm, is digitizing permits and certificates for its employees, enhancing efficiency, security and cost reduction when working on a lot of different construction sites at the same time.
EIC2024 takeaway #3
Hackers logging in instead of breaking In
Not a big surprise, but still worth mentioning. Attackers using stolen credentials to log in as legitimate users remains a significant cybersecurity threat .
Identity is the new perimeter, hackers try to bypass the traditional company firewalls and try to access the system by impersonating authorized users. The result? Phishing has become increasingly popular (as everybody notices) as it gives hackers the ability to gain legitimate credentials from real people. Strong identity security measures, like multi-factor authentication (MFA), are also important to fight this threat.
“Why would you try breaking the vault of the bank, if you can impersonate the people guarding it?”
Robin Gorris – IAM expert
EIC2024 takeaway #4
The identity fabric
The Identity Fabric approach brings diverse identity services together into a single, flexible architecture, resulting in consistent policies, the ability to scale, and improved user experience.
The identity fabric acts as a “glue”, making sure all the elements work together, improving the overall security and user management within organizations. During the event there were discussions about the benefits of IAM systems that provide “a holistic approach” to identity management versus a ‘focused vendor approach”.
Not sure which kind of “glue” to use in your organization? Our IS4U experts are here to help. Just reach out via our contact page, they’ll be happy to help.
EIC2024 takeaway #5
Don’t forget to basics
The last key takeaway is a theme that occurred more often than expected: balancing the new innovations with the foundational practices. While new technology like AI and digital wallets promise to revolutionize many aspects of our business, it doesn’t mean we should throw away decades of proven IAM knowledge and practices.
The key is integrating these new technologies into existing and proven frameworks. In the long run you won’t compete with technology itself , but with other people making use of it. We should embrace and educate ourselves on the potential of these new technologies and put it to use to overcome the challenges of today and tomorrow.
On a personal note
#EIC2024 is an amazing place for knowledge sharing and networking. Robin and Wouter enjoyed meeting with fellow-minded IAM experts. The fact that the sessions rarely are sales pitches and that EIC is largely community-driven makes it very valuable for sharing ideas, strategies and knowledge. Definitely worth the trip! Do we see you next year?
“Being at the same event, and following the keynote, of one of my “idols” was something special. Big shout-out to Phill Windey, for introducing me into the world of IAM.
Phill is the author of “Digital Identity”, a book that remains a must-read for every beginning IAM practitioner even 20 years after its publication.”
Robin Gorris – IAM expert
Want to know more about what we learned during the event?
Robin is happy to talk about IAM (and cybersecurity) with you.
Make sure to reach out via his Linkedin profile or our contact page.